The following regulations and frameworks have impacted the software supply chain between 2014 and 2025: The Cyber Supply Chain Management and Transparency Act 2014 (Royce bill), The European Union General Data Protection Regulation (GDPR) (2018), The California Consumer Privacy Act (CCPA) (2020), Cybersecurity Maturity Model Certification (CMMC) (2020), Executive Order 14028 (2021), BSI Update (Germany, 2021), The European Union Agency for Cybersecurity (ENISA) (2021), The Network and Information Systems Directive (NIS2 Directive) (2023), The Digital Operational Resilience Act (DORA) (2023), Secure by Design (2023), Self-attestation (2023), Security through Integrated Economic Measures (2023), The CISA Cybersecurity Strategic Plan (2023), The Cyber Resilience Act (2024), Product Liability Directive (PLD) (2024/2025), and The Association of Southeast Asian Nations (ASEAN) (2025).

Authors

• Person: Not available Organization: Sonatype
  State of the Software Supply Chain Report | 10 Year Look - Sonatype

Sources

• State of the Software Supply Chain Report | 10 Year Look - Sonatype www.sonatype.com Sonatype via serper

Referenced by nodes (3)

• ASEAN entity
• U.S. Executive Order 14028 event
• CISA entity