Afternoon Coffee: 2019 Global Sourcing Trends; Software Supply Chain Cybersecurity Risks; New Cleo Launch

AdobeStock/alekosa

Cyberattacks on software supply chains are on the rise, according to Microsoft's latest Security Intelligence Report (downloadable in full here).

As covered by Supply Chain Dive, it appears as though software developers and suppliers are increasingly less safe from attackers seeking to "gain access to source code, updating processes or internal servers." The goal "is to get their malware onto a software application that will be deployed to multiple users. Once the software is on a system, then so is the malware with all of the same permissions," according to the SCD article.

In the report itself, Diana Kelley, Microsoft Cybersecurity Field CTO, noted that "supply chain concerns went beyond apps and into the cloud and included malicious browser extensions, compromised Linux repositories, and multiple instances of back-doored modules.

"To address this threat, organizations are moving towards a transparent and trusted supply chain model," Kelley said in the report.

Cleo Launches Extended Capabilities

Integration platform vendor Cleo on Monday announced an update to its offerings for integration platforms as a service.

The Cleo Integration Cloud offering, which is meant to help businesses grow into e-commerce marketplaces, adds application connectors, updates self-service business insights, and optimizes how businesses connect, integrate and analyze digital ecosystem interactions, according to a press release.

The Rockford, Illinois company says its solution “takes an ‘outside-in’ view of the many-to-many ecosystem interactions required for organizations to scale performance and efficiency, enhance product and service functionality, and structure end-to-end application integrations that increase the value of business relationships.”

Global Sourcing Trends for 2019

Two of those top trends are a continued emphasis on digital services and digital talent acquisition, at least according to a new report from the Everest Group.

"Two key areas of service provider activity in Q4 demonstrate [this]," said H. Karthik, partner at Everest Group, in a press release. "First, service providers such as Accenture, DXC Technology and TCS announced acquisitions of startups to enhance their interactive digital content capabilities."

"Secondly, several service providers announced innovative partnerships with educational institutions in their attempts to bridge the digital skills gap," Karthik continued. "For example, Accenture announced a partnership with Georgia Institute of Technology, IBM is teaming up with IIT Delhi, and Infosys is joining forces with Cornell."

Keep up with procurement technology developments — subscribe to our newsletter!

Share on Procurious

Discuss this:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.