The threat posed by software supply chain attacks is growing, says Trey Herr of Atlantic Council. Organizations can take steps to minimize the risks, he says. Stronger industry standards for how code is authenticated and verified are needed, Herr says. Herr will present an update on the research on Feb. 2 at Usenixs Enigma conference, a virtual event. He previously was a senior security strategist at Microsoft covering challenges in cloud computing, supply chain security, data governance and vulnerability disclosure.”]
Source: https://www.cuinfosecurity.com/how-to-manage-software-supply-chain-risks-a-15804