G2TT
Source type: Report
Standardized type: Report
DOI: https://doi.org/10.7249/PEA2072-1
Source ID: PE-A2072-1
Disclosure of Software Supply Chain Risks
Sasha Romanosky; Jonathan W. Welburn
Publication date: 2022-05-26
Publication year: 2022
Pages: 12
Language: English
Abstract

The nation's reliance on computer software to run and manage critical business services has increased dramatically over many decades and only continues to grow. But with this reliance comes risk. The increasing rate of and impact from the exploitation of software vulnerabilities has caused billions of dollars of damage and losses to thousands of companies across the world. And the malicious compromise — or even accidental failure — of software threatens firms across all industries throughout the United States. Moreover, it has become increasingly true that modern software applications are built on a foundation of third-party and open-source software components, developed by thousands of professional and volunteer contributors across the world. This complexity and decentralized nature of the modern software ecosystem mean that firms are more separated from the oversight of the software that runs their businesses and increasingly exposed to risks because of this expanding software supply chain. Although many federal government agencies are vocal in addressing this issue in their own way, the U.S. Securities and Exchange Commission (SEC) has been relatively quiet. This Perspective presents a set of proposed disclosure rules that the SEC could implement to help address software supply chain security.

Subjects: Critical Infrastructure Protection; Cybersecurity; Data Science; Supply Chain Management
URL: https://www.rand.org/pubs/perspectives/PEA2072-1.html
Source think tank: RAND Corporation (United States)
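Resource type: Think tank publication
Item identifier: http://119.78.100.153/handle/2XGU8XDN/525047
Recommended citation (GB/T 7714):
Sasha Romanosky, Jonathan W. Welburn. Disclosure of Software Supply Chain Risks. 2022.
Files in this item
File name/size: RAND_PEA2072-1.pdf (157KB); Resource type: Think tank publication; Access type: Restricted access; License: CC BY-NC-SA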
File name: RAND_PEA2072-1.pdf
Format: Adobe PDF
