Latest Thoughtworks Technology Radar Reveals Greater Business Focus on Software Supply Chain Innovation

Rhea-AI Summary

Thoughtworks (NASDAQ: TWKS) has released Volume 26 of its Technology Radar, a report focused on digital innovation and security in software supply chains. This edition emphasizes practical security measures for businesses following a rise in serious cyber breaches. Key themes include innovations in software supply chains, the evolving economics of open-source software, and the importance of data catalogs. The report highlights the growing necessity for organizations to adopt responsible engineering practices and validate software dependencies to enhance overall security.

Positive

• Release of Technology Radar Volume 26 highlights critical innovations in software supply chain security.
• Offers practical tools and engineering practices for managing supply chain security.
• Addresses the changing economics of open-source software, enhancing developer agility.

Negative

• Increased emphasis on software supply chain security may indicate previous vulnerabilities.

In its 12th year, the bi-annual report from global technology consultancy Thoughtworks also spotlights the changing economics of open source software

CHICAGO--(BUSINESS WIRE)-- Thoughtworks (NASDAQ: TWKS), a global technology consultancy that integrates strategy, design and engineering to drive digital innovation, today released Volume 26 of the Technology Radar, a biannual report informed by Thoughtworks’ observations, conversations and frontline experience solving its clients’ toughest business challenges. While the concept of securing the software supply chain has been around for a few years, one of the major themes of the report is how there are now practical steps for businesses in the pathway to highly secure software in production and beyond.

In May 2021, the U.S. White House published its Executive Order on Improving the Nation's Cybersecurity. One section addresses enhancing software supply chain security. Realizing it’s no longer sufficient to only write secure code, businesses are now expanding their understanding of the security risks throughout the entire software supply chain and investing in more responsible engineering practices, including validating and governing project dependencies. Checklists and standards such as the Supply chain Levels for Software Artifacts (SLSA) are new entries to this edition of the Radar, demonstrating that there are now pragmatic tools that are taking how to address this issue beyond the theoretical.

“A confluence of events — whether public instances of severe, brand-impacting breaches or government mandates — has increased the emphasis businesses are placing on understanding the complexity and the breadth of the ecosystem involved in the software supply chain,” said Dr. Rebecca Parsons, chief technology officer at Thoughtworks. “While many organizations focus on systems in production, it is just as critical to place the same strong level of controls on testing, sandbox and cloud environments. While it's a daunting proposition, there are now concrete tools and engineering practices to help businesses manage and automate supply chain security as they work to keep their systems highly secure.”

Highlighted themes included in Technology Radar Vol. 26 include:

• Software supply chain innovations: Hackers are increasingly taking advantage of the asymmetrical nature of offense and defense in the security arena — they only need to find one vulnerability, whereas defenders must secure the entire attack surface — while employing increasingly sophisticated hacking techniques. Improved supply chain security is a critical piece of the response as businesses work to keep systems secure.
• The bizarre bazaar: The changing economics of open-source software Open-source software improves developer agility and crowdsources both bug fixes and innovation. The many different approaches to commercialization of and support for open-source software demonstrate the immense economic complexity of the current ecosystem.
• Why do developers keep implementing state management in React?: Typically after a foundational framework becomes popular, it’s followed by a raft of tools creating an ecosystem for improvements and enhancements and ends with consolidation around a few popular tools. However, React state management seems resistant to this common tendency.
• The neverending quest for the master data catalog: The desire to get more value out of corporate data assets continues to drive investment. A renewed interest in corporate data catalogs is leading to a surge of clever new tools with expanding feature sets that address governance, quality management and publishing. In contrast to this trend, there is also a growing movement away from centralized, top-down data management and toward federated governance and discovery based on a data mesh architecture.

Visit www.thoughtworks.com/radar to explore the interactive version of the Radar or download the PDF version.

Supporting resources:

• Keep up with Thoughtworks news by visiting the company’s website
• Follow us on Twitter, LinkedIn and YouTube.

- ### - <TWKS915>

About Thoughtworks
Thoughtworks is a global technology consultancy that integrates strategy, design and engineering to drive digital innovation. We are 10,000+ people strong across 49 offices in 17 countries. Over the last 25+ years, we’ve delivered extraordinary impact together with our clients by helping them solve complex business problems with technology as the differentiator.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220329005083/en/

Media:

Linda Horiuchi, global head of public relations

Email: linda.horiuchi@thoughtworks.com

Phone: +1 (646) 581-2568

Source: Thoughtworks

FAQ

What are the key themes in Thoughtworks' Technology Radar Volume 26?

Key themes include software supply chain innovations, the economics of open-source software, state management in React, and the quest for effective data catalogs.

When was the Thoughtworks Technology Radar Volume 26 released?

The Technology Radar Volume 26 was released on March 29, 2022.

How does the Technology Radar address software supply chain security?

The report details practical steps and tools for improving software supply chain security, emphasizing the need for comprehensive governance and validation of project dependencies.

What impact does the Executive Order on Cybersecurity have on Thoughtworks?

The Executive Order has increased business focus on understanding and managing security risks in the software supply chain, which aligns with themes in Thoughtworks' latest report.