Snap CISO talks risky supply chain security business

  • 📰 TheRegister
  • ⏱ Reading Time:
  • 40 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 19%
  • Publisher: 61%

Belgique Nouvelles Nouvelles

Snap CISO: I rate software supply chain risk 9.9 out of 10

On a scale of 1 to 10, 10 being the highest risk, Snap Chief Information Security Officer Jim Higgins rates software supply chain risk"about 9.9". It seems we're a long way from avoiding the next SolarWinds-style scenario.

Not only is the supply chain at high risk, but it's a tough security problem to fix because a single product can have tens of thousands of software dependencies. "It's a physics problem," Higgins said, in that software packages are dependent on so many other third-party and open-source software libraries. And it only takes a bug in one of these to make your organization the next cautionary tale.

The most important thing his fellow CISOs can do to improve supply chain security is to know what software their organization uses and understand the dependencies across the supply chain, according to Higgins. He recommends adding a full inventory of libraries in use as a start point for fixing the problem, so security staff know exactly what to check.

 

Merci pour votre commentaire. Votre commentaire sera publié après examen.
Nous avons résumé cette actualité afin que vous puissiez la lire rapidement. Si l'actualité vous intéresse, vous pouvez lire le texte intégral ici. Lire la suite:

 /  🏆 67. in BE

Belgique Dernières Nouvelles, Belgique Actualités