Only one in five organizations has visibility into their software supply chain. Most companies therefore don’t know about all of their solutions’ components and dependencies. A large-scale data breach without any warning looms.
The research comes from Anchore, namely the 2024 Software Supply Chain Security Report. Other findings show poor adherence to best practices in the software world. For example, 51 percent of those surveyed do not have a software bill-of-materials (SBOM) in place, although 78 percent of respondents said this would be improved within a year and a half.
For the study, Anchore surveyed 106 specialists responsible for their organization’s supply chain security. Previous research from JFrog showed that supply chain risks are rising.
Major (unforeseen) damage
This is easier said than done, but necessary. Data leaks can have a tremendous impact on the reputation of an organization and suggest to the outside world that sensitive data is not safe with them, even though the problem may have arisen from a software dependency nobody inside the company was even aware of. This is a recipe for disaster, especially when financial penalties can add insult to reputational injury.
Requiring an SBOM is of great importance, for one thing. This is especially the case with organizations that process a lot of personal data, and not just from their employees, as the impact quickly becomes vast. The fact that Anchore respondents describe supply chain security as a priority (76 percent) is a good thing. However, they still need to put words into action before any champagne can be uncorked.
According to the survey, one of the primary motivations for organizations is to meet compliance requirements. The report found that organizations must comply with 4.9 standards and regulations. Respondents foresee more problems in the future, and this is due to AI. Embedded AI libraries will create further supply chain security headaches, according to 77 percent of respondents.