Over the past year, 54% of global organizations faced software supply chain attacks; in half of those cases it took more than a month to respond, and 20% admitted their detection and response capabilities were ineffective, according to 'The State of Software Supply Chain Security Risk' report by Synopsys and the Ponemon Institute. The report also finds that development teams are integrating AI tools such as OpenAI Codex, ChatGPT, and GitHub Copilot, raising concerns about the risks that arise when no safeguards govern their use. Limited adoption of Software Bills of Materials (SBOMs), concerns over open source vulnerabilities, and insufficient commitment from leaders to address these challenges are the major takeaways.

Many organizations hit by software supply chain attacks last year struggle to detect and respond effectively

Moreover, only 35% of organizations produce SBOMs, 65% use open source software, and fewer than half consider their security measures highly effective. Improving visibility into applications and continuously evaluating intellectual property, security threats, and code quality are crucial to reducing risk in the face of escalating supply chain attacks.
https://www.itsecurityguru.org/2024/05/16/most-companies-affected-by-software-supply-chain-attacks-in-the-last-year-struggling-to-detect-and-react-effectively/?utm_source=rss&utm_medium=rss&utm_campaign=most-companies-affected-by-software-supply-chain-attacks-in-the-last-year-struggling-to-detect-and-react-effectively