In today's interconnected digital landscape, we recognise the intricate interdependencies and complexities that exist within software supply chain security ecosystem. In the recent years, the number of software supply chain security (SSCS) attacks has increased exponentially. To address this risk, regulatory scrutiny on SSCS has been steadily rising. Further, most software product suppliers/ developers and consumers are not adequately mature to effectively manage software supply chain attacks. This Point of View (PoV) document outlines key points discussed and insights shared during SSCS webinar including prioritising scope for SSCS program, role played by Software Bill of Material (SBOM) and contract, emerging standards, and regulatory requirements on SSCS and practical next steps that organisations can undertake to start their SSCS journey.

Key Contacts