
One of the key ways software development organizations drive efficiency is by drawing on libraries of existing, reusable software components when creating their own software products and services. This helps accelerate digital innovation, but the advantages come with a trade-off: Organizations accept, sometimes unknowingly, a degree of risk that can lead to serious cybersecurity issues.
That risk was highlighted in December 2021, when it came to light that a widely used open-source software framework called Log4j contained a critical vulnerability.1 The news made headlines because countless pieces of software deployed in organizations, government agencies, and people’s homes depend on this logging framework for the Java programming language. Security experts found that exploits built on the Log4Shell vulnerability, as it came to be known, could have devastating consequences for companies and individuals. And exposure to that vulnerability was found to be stunningly broad: The code had become embedded in software systems on a grand scale, introducing a serious vulnerability into many critical systems around the world. The Log4j exposure should be a wake-up call to executives to better understand software reuse and how to mitigate the risk of using it in their organizations.
This story is from the Summer 2022 issue of MIT Sloan Management Review.
