One of the key ways software development organizations drive efficiency is by drawing on libraries of existing, reusable software components when creating their own software products and services. This helps accelerate digital innovation, but the advantages come with a trade-off: Organizations accept, sometimes unknowingly, a degree of risk that can lead to serious cybersecurity issues.
That risk was highlighted in December 2021, when it came to light that a widely used open-source software framework called Log4j contained a critical vulnerability.1 The news made headlines because countless pieces of software deployed in organizations, government agencies, and people’s homes depend on this logging framework for the Java programming language. Security experts found that exploits built on the Log4Shell vulnerability, as it came to be known, could have devastating consequences for companies and individuals. And exposure to that vulnerability was found to be stunningly broad: The code had become embedded in software systems on a grand scale, introducing a serious vulnerability into many critical systems around the world. The Log4j exposure should be a wake-up call to executives to better understand software reuse and how to mitigate the risk of using it in their organizations.
Diese Geschichte stammt aus der Summer 2022-Ausgabe von MIT Sloan Management Review.
Starten Sie Ihre 7-tägige kostenlose Testversion von Magzter GOLD, um auf Tausende kuratierte Premium-Storys sowie über 8.000 Zeitschriften und Zeitungen zuzugreifen.
Bereits Abonnent ? Anmelden
Diese Geschichte stammt aus der Summer 2022-Ausgabe von MIT Sloan Management Review.
Starten Sie Ihre 7-tägige kostenlose Testversion von Magzter GOLD, um auf Tausende kuratierte Premium-Storys sowie über 8.000 Zeitschriften und Zeitungen zuzugreifen.
Bereits Abonnent? Anmelden
Ask Sanyin: How Do You Build for an Unpredictable Future?
While the pandemic was a wild ride of uncertainty for me and many of my peers in leadership, it feels like we never regained our footing.
What You Still Can't Say at Work
Most people know what can’t be said in their organization. But leaders can apply these techniques to break through the unwritten rules that make people self-censor.
Make Character Count in Hiring and Promoting
Most managers focus on competencies when evaluating candidates but it’s character that will transform the DNA of the organization. Here’s how to assess it.
Why Influence Is a Two-Way Street
Managers achieve better outcomes when they prioritize collaborative decision-making over powers of persuasion.
Know Your Data to Harness Federated Machine Learning
A collaborative approach to training AI models can yield better results, but it requires finding partners with data that complements your own.
How Integrating DEI Into Strategy Lifts Performance
Incorporating diversity, equity, and inclusion practices into core business planning can provide a competitive edge.
The Myth of the Sustainable Consumer
Companies that understand the different kinds of consumers for sustainable products can market to them more effectively.
A Practical Guide to Gaining Value From LLMs
Getting a return from generative AI investments requires a systematic approach to analyzing appropriate use cases.
Improve Workflows by Managing Bottlenecks
Understand whether process or resource constraints are stalling work.
Craft Schedules That Work for Everyone
Business leaders can improve retention and business performance with schedules that make sense for workers’ lives.
