In response to software development organizations taking more steps to secure their applications, attackers have had to get more creative in their own methods. The sharp and continuous rise of code reuse and cloud-native approaches have provided them with additional angles to mount attacks several degrees of separation away from their intended targets. Exploiting just one weakness opens the door for a threat actor traverse down the supply chain where they can steal sensitive data, plant malware, and take control of systems – something we’ve seen plenty of examples of in recent times.

In light of the uptick in security breaches, President Biden issued an executive order directing the heads of several federal organizations to create additional security guidelines surrounding the software they consume and operate. Aimed at bolstering the U.S.’s cybersecurity profile, this order has prompted a nationwide re-examination of organizational security practices that stretches well beyond those specified at the federal level.