{"id":56018,"date":"2024-11-07T14:43:06","date_gmt":"2024-11-07T19:43:06","guid":{"rendered":"https:\/\/sdtimes.com\/?p=56018"},"modified":"2024-11-07T14:43:06","modified_gmt":"2024-11-07T19:43:06","slug":"report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain","status":"publish","type":"post","link":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/","title":{"rendered":"Report: Only 1 in 5 organizations have full visibility into their software supply chain"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Several high-profile software supply chain security incidents over the last few years have put more of a spotlight on the need to have visibility into the software supply chain. However, it seems as though those efforts may not be leading to the desired outcomes, as a new survey found that only one out of five organizations believe they have that visibility into every component and dependency in their software.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The survey, Anchore\u2019s <\/span><a href=\"https:\/\/anchore.com\/blog\/anchore-survey-2024-only-1-in-5-organizations-have-full-visibility-of-open-source\/\"><span style=\"font-weight: 400;\">2024 Software Supply Chain Security Report<\/span><\/a><span style=\"font-weight: 400;\">, also found that less than half of respondents are following supply chain best practices like creating software bills of materials (SBOMs) for the software they develop (49% of respondents) or for open source projects they use (45% of respondents). Additionally, only 41% of respondents request SBOMs from the third-party vendors they use. 
Despite these low numbers, this is a significant improvement from 2022\u2019s survey, when less than a third of respondents were following these practices.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The report found that 78% of respondents are planning on increasing their use of SBOMs in the next 18 months, and 32% of them plan to significantly increase use.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cThe SBOM is now a critical component of software supply chain security. An SBOM provides visibility into software ingredients and is a foundation for understanding software vulnerabilities and risks,\u201d Anchore wrote in the report.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The report also found that currently 76% of respondents are prioritizing software supply chain security.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Many companies are having to make this a priority as part of their efforts to comply with regulations. According to the report, organizations are now having to comply with an average of 4.9 regulations and standards, putting more pressure on them to get security right.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Of the companies surveyed, more than half have a cross-functional (51%) or fully dedicated team (8%) that works on supply chain security.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Finally, 77% of respondents are worried about how embedded AI libraries will impact their software supply chain security.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For the survey, Anchore interviewed 106 leaders and practitioners that are involved in software supply chain security at their company. 
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Several high-profile software supply chain security incidents over the last few years have put more of a spotlight on the need to have visibility into the software supply chain. However, it seems as though those efforts may not be leading to the desired outcomes, as a new survey found that only one out of  &hellip; <a class=\"read-more\" href=\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\">continue reading<\/a><\/p>\n","protected":false},"author":752,"featured_media":56019,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"cybocfi_hide_featured_image":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[1],"tags":[8219,15730,45,16505],"coauthors":[11687],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD Times<\/title>\n<meta name=\"description\" content=\"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" 
content=\"article\" \/>\n<meta property=\"og:title\" content=\"Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD Times\" \/>\n<meta property=\"og:description\" content=\"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\" \/>\n<meta property=\"og:site_name\" content=\"SD Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SDTimesD2\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-07T19:43:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1203\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jenna Barron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:site\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jenna Barron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\"},\"author\":{\"name\":\"Jenna Barron\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786\"},\"headline\":\"Report: Only 1 in 5 organizations have full visibility into their software supply chain\",\"datePublished\":\"2024-11-07T19:43:06+00:00\",\"dateModified\":\"2024-11-07T19:43:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\"},\"wordCount\":335,\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg\",\"keywords\":[\"Anchore\",\"SBOM\",\"security\",\"software supply chain\"],\"articleSection\":[\"Latest News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\",\"url\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\",\"name\":\"Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD 
Times\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg\",\"datePublished\":\"2024-11-07T19:43:06+00:00\",\"dateModified\":\"2024-11-07T19:43:06+00:00\",\"description\":\"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.\",\"breadcrumb\":{\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg\",\"width\":1920,\"height\":1203},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sdtimes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Report: Only 1 in 5 organizations have full visibility into their software supply 
chain\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sdtimes.com\/#website\",\"url\":\"https:\/\/sdtimes.com\/\",\"name\":\"SD Times\",\"description\":\"Software Development News\",\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sdtimes.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sdtimes.com\/#organization\",\"name\":\"SD Times\",\"url\":\"https:\/\/sdtimes.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"width\":225,\"height\":90,\"caption\":\"SD Times\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SDTimesD2\",\"https:\/\/x.com\/sdtimes\",\"https:\/\/www.linkedin.com\/company\/sdtimes\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786\",\"name\":\"Jenna Barron\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/image\/b4be3423b187642936e62f121111345e\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g\",\"caption\":\"Jenna Barron\"},\"description\":\"Jenna Barron is News Editor of SD Times.\",\"url\":\"https:\/\/sdtimes.com\/author\/jennifer-sargent\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD Times","description":"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/","og_locale":"en_US","og_type":"article","og_title":"Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD Times","og_description":"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.","og_url":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/","og_site_name":"SD Times","article_publisher":"https:\/\/www.facebook.com\/SDTimesD2","article_published_time":"2024-11-07T19:43:06+00:00","og_image":[{"width":1920,"height":1203,"url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg","type":"image\/jpeg"}],"author":"Jenna Barron","twitter_card":"summary_large_image","twitter_creator":"@sdtimes","twitter_site":"@sdtimes","twitter_misc":{"Written by":"Jenna Barron","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#article","isPartOf":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/"},"author":{"name":"Jenna Barron","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786"},"headline":"Report: Only 1 in 5 organizations have full visibility into their software supply chain","datePublished":"2024-11-07T19:43:06+00:00","dateModified":"2024-11-07T19:43:06+00:00","mainEntityOfPage":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/"},"wordCount":335,"publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"image":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg","keywords":["Anchore","SBOM","security","software supply chain"],"articleSection":["Latest News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/","url":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/","name":"Report: Only 1 in 5 organizations have full visibility into their software supply chain - SD 
Times","isPartOf":{"@id":"https:\/\/sdtimes.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage"},"image":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg","datePublished":"2024-11-07T19:43:06+00:00","dateModified":"2024-11-07T19:43:06+00:00","description":"The report also found that less than half of respondents are following supply chain security best practices, like creating SBOMs.","breadcrumb":{"@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#primaryimage","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2024\/11\/pexels-stephendn-131018.jpg","width":1920,"height":1203},{"@type":"BreadcrumbList","@id":"https:\/\/sdtimes.com\/security\/report-only-1-in-5-organizations-have-full-visibility-into-their-software-supply-chain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sdtimes.com\/"},{"@type":"ListItem","position":2,"name":"Report: Only 1 in 5 organizations have full visibility into their software supply chain"}]},{"@type":"WebSite","@id":"https:\/\/sdtimes.com\/#website","url":"https:\/\/sdtimes.com\/","name":"SD 
Times","description":"Software Development News","publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sdtimes.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sdtimes.com\/#organization","name":"SD Times","url":"https:\/\/sdtimes.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","width":225,"height":90,"caption":"SD Times"},"image":{"@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SDTimesD2","https:\/\/x.com\/sdtimes","https:\/\/www.linkedin.com\/company\/sdtimes\/"]},{"@type":"Person","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/f2524e55ae19da07ea3613577da9f786","name":"Jenna Barron","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/image\/b4be3423b187642936e62f121111345e","url":"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b128943929626cdcafccbac86bd306f9?s=96&d=mm&r=g","caption":"Jenna Barron"},"description":"Jenna Barron is News Editor of SD 
Times.","url":"https:\/\/sdtimes.com\/author\/jennifer-sargent\/"}]}},"_links":{"self":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/56018"}],"collection":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/users\/752"}],"replies":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/comments?post=56018"}],"version-history":[{"count":1,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/56018\/revisions"}],"predecessor-version":[{"id":56020,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/56018\/revisions\/56020"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media\/56019"}],"wp:attachment":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media?parent=56018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/categories?post=56018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/tags?post=56018"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/coauthors?post=56018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}