After two decades leading enterprise security across critical infrastructure and technology sectors, I’ve observed a dangerous pattern in how we discuss software supply chain attacks. The conversation focuses almost exclusively on risks hiding within open-source software packages. We’ve seen this firsthand through incidents where cybercriminals and nation-state actors leverage open-source code and platforms to their advantage. Some of the more recent and widely reported incidents include the social-engineered compromise of XZ Utils and the glaring flaw in the Apache Log4j library, which was both trivially exploitable and widespread. Beyond these high-profile incidents, many others are lurking in open-source packages. However,…
