One of the key ways software development organizations drive efficiency is by drawing on libraries of existing, reusable software components when creating their own software products and services. This helps accelerate digital innovation, but the advantages come with a trade-off: Organizations accept, sometimes unknowingly, a degree of risk that can lead to serious cybersecurity issues.
That risk was highlighted in December 2021, when it came to light that a widely used open-source software framework called Log4j contained a critical vulnerability.1 The news made headlines because countless pieces of software deployed in organizations, government agencies, and people’s homes depend on this logging framework for the Java programming language. Security experts found that exploits built on the Log4Shell vulnerability, as it came to be known, could have devastating consequences for companies and individuals. And exposure to that vulnerability was found to be stunningly broad: The code had become embedded in software systems on a grand scale, introducing a serious vulnerability into many critical systems around the world. The Log4j exposure should be a wake-up call to executives to better understand software reuse and how to mitigate the risk of using it in their organizations.
This story is from the Summer 2022 edition of MIT Sloan Management Review.