Software supply chain attacks will continue to be successful as long as the chasm between software development teams and info security teams persists. Until these two departments agree on common goals, attacks targeting software vulnerabilities will continue to cause havoc.
ENISA says software supply chain attacks will quadruple in 2021, causing widespread impact as threat actors deploy more sophisticated techniques making strong cyber defenses ineffective.
Federal agencies NIST and CISA issued guidelines to defend organizations and vendors against acquiring or distributing programs compromised through software supply chain attacks.