Forbes: The Road to Supply Chain Security
Supply chain attacks have become ubiquitous recently. One study by Nokia (via Mimecast) concluded that "2021 has become known as the year of the supply chain attack."
The use of third-party code in enterprise software has made all sorts of products vulnerable to attack. In the last year, a number of large cyber incidents were due to vulnerable or compromised software components that have either gone undetected or have no patch to mitigate them. Security teams had to drop everything to analyze both the products they use and the supply chain software within their own code.