A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda

Authors:
Venue:
IEEE Security & Privacy (Journal), vol. 21, no. 06, pp. 59-63 (IEEE Security & Privacy)
Date:
November 13, 2023
Type:
Other (non-peer reviewed) publication

Abstract

Securing the software supply chain requires that we recognize the importance of individual developers. While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security