What software supply chain security really means
In the spring of 2020, it really mattered to me what the definition of “software supply chain security” ought to be. I was working at In-Q-Tel, a strategic investor for the US intelligence community, and co-authoring a research paper that attempted to measure the frequency of software supply chain attacks. We picked a definition that emphasized…