One of the key ways software development organizations drive efficiency is by drawing on libraries of existing, reusable software components when creating their own software products and services. This helps accelerate digital innovation, but the advantages come with a trade-off: Organizations accept, sometimes unknowingly, a degree of risk that can lead to serious cybersecurity issues.
That risk was highlighted in December 2021, when it came to light that a widely used open-source software framework called Log4j contained a critical vulnerability.1 The news made headlines because countless pieces of software deployed in organizations, government agencies, and people’s homes depend on this logging framework for the Java programming language. Security experts found that exploits built on the Log4Shell vulnerability, as it came to be known, could have devastating consequences for companies and individuals. And exposure to that vulnerability was found to be stunningly broad: The code had become embedded in software systems on a grand scale, introducing a serious vulnerability into many critical systems around the world. The Log4j exposure should be a wake-up call to executives to better understand software reuse and how to mitigate the risk of using it in their organizations.
This story is from the Summer 2022 edition of MIT Sloan Management Review.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the Summer 2022 edition of MIT Sloan Management Review.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Sign In
Avoiding Harm in Technology Innovation
To capitalize on emerging technologies while mitigating unanticipated consequences, innovation managers need to establish a systematic review process.
Make a Stronger Business Case for Sustainability
When greener products and processes add costs, managers can shift other levers to maintain profitability.
How to Turn Professional Services Into Products
Product-based business models can help services firms achieve greater scale and profitability. But the transformation can be challenging.
Do You Really Need a Chief AI Officer?
The right answer depends on the strategic importance and maturity of AI in your company.
Where To Next? Opportunity on the Edge
Doing business in regions considered less stable or developed can pay off for companies. But they must invest in working with local communities.
Make Smarter Investments in Resilient Supply Chains
Many companies invest in resilience only after a disruption. Applying the concept of real options can help decision makers fortify supply chain capabilities no matter the crisis.
The Three Traps That Stymie Reinvention
Organizational identity, architecture, and collaboration can be either assets or liabilities to pursuing growth in new sectors.
What Makes Companies Do the Right Thing?
Vaccine makers varied widely in their engagement with global public health efforts to broaden access to COVID-19 immunizations. Ethically motivated leadership was a dominant factor.
Build the Right C-Suite Team for Your Strategy
CEOs can foster a more effective leadership team by understanding when to tap senior executives' competitive instincts and when to encourage collaboration.
A Better Way to Unlock Innovation and Drive Change
A strengths-based approach to building teams can win employee commitment to change and foster an inclusive, agile culture.