{"id":55215,"date":"2024-07-18T15:16:41","date_gmt":"2024-07-18T19:16:41","guid":{"rendered":"https:\/\/sdtimes.com\/?p=55215"},"modified":"2024-07-18T15:16:41","modified_gmt":"2024-07-18T19:16:41","slug":"report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use","status":"publish","type":"post","link":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/","title":{"rendered":"Report: Execs and devs have different perceptions around supply chain security, AI use"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">While the occurrence of software supply chain attacks just keeps getting worse every year, there appears to be a disconnect among leaders on the importance of securing those supply chains.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to <\/span><a href=\"https:\/\/www.idc.com\/getdoc.jsp?containerId=prUS50913123\"><span style=\"font-weight: 400;\">research from IDC<\/span><\/a><span style=\"font-weight: 400;\">, there has been a 241% increase year-over-year in supply chain attacks, but a new survey from JFrog had only 30% of respondents citing supply chain security as a top security concern.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The report also revealed disconnects between how leaders perceive the security of their organization versus the frontline software teams managing it. Ninety-two percent of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers. Similarly, 67% of executives think that code-level security scans are being regularly conducted, compared to only 41% of developers confirming they do this.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There is a similar disconnect when it comes to AI\/ML. Over 90% of executives said that their development teams were using ML models in their applications, but only 63% of developers say that\u2019s true.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">And 88% of executives think that AI tools are being used for security scanning, but only 60% of DevSecOps teams say they are actually using AI-powered security tools.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cThe complexity of today\u2019s software supply chain poses unprecedented risks. Despite leadership efforts to enable frontline teams with the right equipment, developers are struggling to improve efficiency and accelerate productivity due to tool sprawl, lengthy open source and ML model approvals, plus audit and compliance checks,\u201d said Moran Ashkenazi, SVP &amp; CISO, JFrog. \u201cThis discrepancy highlights the urgency for organizations to rethink their security strategies, focus more on AI\/ML components, and align executives and doers on a mission to fortify their software supply chains.\u201d<\/span><\/p>\n<hr \/>\n<p><em>You may also like&#8230;<\/em><\/p>\n<p><strong><a href=\"https:\/\/sdtimes.com\/security\/companies-still-need-to-work-on-security-fundamentals-to-win-in-the-supply-chain-security-fight\/\">Companies still need to work on security fundamentals to win in the supply chain security fight<\/a><\/strong><\/p>\n<p><strong><a href=\"https:\/\/sdtimes.com\/softwaredev\/developers-leaders-disconnect-on-productivity-satisfaction\/\">Developers, leaders disconnect on productivity, satisfaction<\/a><\/strong><\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>While the occurrence of software supply chain attacks just keeps getting worse every year, there appears to be a disconnect among leaders on the importance of securing those supply chains. According to research from IDC, there has been a 241% increase year-over-year in supply chain attacks, but a new survey from JFrog had only 30%  &hellip; <a class=\"read-more\" href=\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\">continue reading<\/a><!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":752,"featured_media":55216,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"cybocfi_hide_featured_image":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[1],"tags":[143,329,45,11243],"coauthors":[11687],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times<\/title>\n<meta name=\"description\" content=\"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times\" \/>\n<meta property=\"og:description\" content=\"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\" \/>\n<meta property=\"og:site_name\" content=\"SD Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SDTimesD2\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-18T19:16:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"854\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jenna Barron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:site\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jenna Barron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\"},\"author\":{\"name\":\"Jenna Barron\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786\"},\"headline\":\"Report: Execs and devs have different perceptions around supply chain security, AI use\",\"datePublished\":\"2024-07-18T19:16:41+00:00\",\"dateModified\":\"2024-07-18T19:16:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\"},\"wordCount\":310,\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg\",\"keywords\":[\"AI\",\"JFrog\",\"security\",\"supply chain\"],\"articleSection\":[\"Latest News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\",\"url\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\",\"name\":\"Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg\",\"datePublished\":\"2024-07-18T19:16:41+00:00\",\"dateModified\":\"2024-07-18T19:16:41+00:00\",\"description\":\"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.\",\"breadcrumb\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg\",\"width\":1280,\"height\":854},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sdtimes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Report: Execs and devs have different perceptions around supply chain security, AI use\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sdtimes.com\/#website\",\"url\":\"https:\/\/sdtimes.com\/\",\"name\":\"SD Times\",\"description\":\"Software Development News\",\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sdtimes.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sdtimes.com\/#organization\",\"name\":\"SD Times\",\"url\":\"https:\/\/sdtimes.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"width\":225,\"height\":90,\"caption\":\"SD Times\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SDTimesD2\",\"https:\/\/x.com\/sdtimes\",\"https:\/\/www.linkedin.com\/company\/sdtimes\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786\",\"name\":\"Jenna Barron\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/image\/b4be3423b187642936e62f121111345e\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g\",\"caption\":\"Jenna Barron\"},\"description\":\"Jenna Barron is News Editor of SD Times.\",\"url\":\"https:\/\/sdtimes.com\/author\/jennifer-sargent\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times","description":"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/","og_locale":"en_US","og_type":"article","og_title":"Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times","og_description":"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.","og_url":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/","og_site_name":"SD Times","article_publisher":"https:\/\/www.facebook.com\/SDTimesD2","article_published_time":"2024-07-18T19:16:41+00:00","og_image":[{"width":1280,"height":854,"url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg","type":"image\/jpeg"}],"author":"Jenna Barron","twitter_card":"summary_large_image","twitter_creator":"@sdtimes","twitter_site":"@sdtimes","twitter_misc":{"Written by":"Jenna Barron","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#article","isPartOf":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/"},"author":{"name":"Jenna Barron","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786"},"headline":"Report: Execs and devs have different perceptions around supply chain security, AI use","datePublished":"2024-07-18T19:16:41+00:00","dateModified":"2024-07-18T19:16:41+00:00","mainEntityOfPage":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/"},"wordCount":310,"publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"image":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg","keywords":["AI","JFrog","security","supply chain"],"articleSection":["Latest News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/","url":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/","name":"Report: Execs and devs have different perceptions around supply chain security, AI use - SD Times","isPartOf":{"@id":"https:\/\/sdtimes.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage"},"image":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg","datePublished":"2024-07-18T19:16:41+00:00","dateModified":"2024-07-18T19:16:41+00:00","description":"92% of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers.","breadcrumb":{"@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#primaryimage","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/07\/employee-7366214_1280.jpg","width":1280,"height":854},{"@type":"BreadcrumbList","@id":"https:\/\/sdtimes.com\/security\/report-execs-and-devs-have-different-perceptions-around-supply-chain-security-ai-use\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sdtimes.com\/"},{"@type":"ListItem","position":2,"name":"Report: Execs and devs have different perceptions around supply chain security, AI use"}]},{"@type":"WebSite","@id":"https:\/\/sdtimes.com\/#website","url":"https:\/\/sdtimes.com\/","name":"SD Times","description":"Software Development News","publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sdtimes.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sdtimes.com\/#organization","name":"SD Times","url":"https:\/\/sdtimes.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","width":225,"height":90,"caption":"SD Times"},"image":{"@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SDTimesD2","https:\/\/x.com\/sdtimes","https:\/\/www.linkedin.com\/company\/sdtimes\/"]},{"@type":"Person","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786","name":"Jenna Barron","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/image\/b4be3423b187642936e62f121111345e","url":"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g","caption":"Jenna Barron"},"description":"Jenna Barron is News Editor of SD Times.","url":"https:\/\/sdtimes.com\/author\/jennifer-sargent\/"}]}},"_links":{"self":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/55215"}],"collection":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/users\/752"}],"replies":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/comments?post=55215"}],"version-history":[{"count":1,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/55215\/revisions"}],"predecessor-version":[{"id":55217,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/55215\/revisions\/55217"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media\/55216"}],"wp:attachment":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media?parent=55215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/categories?post=55215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/tags?post=55215"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/coauthors?post=55215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}