UK businesses adopted 21,000 vulnerable open source components last year

The widespread adoption of open source components to power enterprise applications has no doubt helped organisations increase their efficiency, but a lack of oversight over the security credentials of such components is seriously endangering organisations' cyber security.
Last year, in an expert opinion published by TEISS, Derek Weeks, VP and DevOps Advocate at Sonatype, said that the software industry's adoption of open source components flew in the face of Cyber Security by Design, a concept championed by the government to ensure that companies introduce cyber security into their products at the design stage, making the practice of building security into their devices less complicated.
"Shipping known vulnerable software components in one’s product in any other manufacturing industry would be considered gross negligence. Connected toys and smartwatches, however, are only the tip of the iceberg. No other manufacturing industry is permitted to ship known vulnerable or defective parts in their products. Why should software manufacturers be any different?" he wrote.
"If we factor in products such as connected pacemakers and driverless cars, this turns into a life or death situation. This isn’t even taking into account the increasingly connected nature of heavy manufacturing and utilities - industries that affect everyday life and have a huge impact on everyone no matter who they are or where they work," Weeks added.

Copyright Lyonsdown Limited 2020
