Blogs

Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks

Published

on

Anaconda released its annual 2022 State of Data Science report, revealing the widespread trends, opportunities, and perceived blockers facing the data science, machine learning (ML), and artificial intelligence (AI) industries. The global study targeted the open-source community through three cohorts of academics, industry professionals, and students.

While open-source software was created by and for developers, it is now an integral part of commercial software development and the backbone for continuous enterprise innovation. Of those surveyed, 20% identified open source’s speed of innovation and affordability as the most valued benefits of its usage.

When asked about the biggest threats to further innovation and advancement within the open-source community, respondents focused on several areas:

Concerns around open-source security are growing

Open-source security continues to be top of mind, given incidents that have troubled the industry over the last year, including the Log4j breach and the rise of protestware. As a result, 40% of professional respondents indicated that their organizations scaled back their open-source software usage in the past year due to concerns around security. Additionally, 31% of professionals stated that “security vulnerabilities” were the biggest challenge in the open-source community today.

While most organizations use open-source software, of the 8% of respondents whose organizations are not, 54% said the biggest reason is fear of potential vulnerabilities, exposures, or risks. This is a 13% increase from the 2021 report, reaffirming the escalated security awareness across the industry in 2022.

Talent shortages are distressing organizations

Organizations attempting to scale their data science efforts and accelerate technology advancements and adoption have had to weather the effects of talent shortage challenges. 90% of professional respondents indicated that their organizations are concerned about the potential impact of a talent shortage, with 64% saying they were most concerned about their organization’s ability to recruit and retain technical talent. 56% feel that insufficient talent or headcount in the data science area is one of the biggest barriers to the successful enterprise adoption of data science.

“With data scientists continually cited as one of the best careers in the U.S., the pool of talent is sure to catch up to the demand,” said Jessica Reeves, SVP of Operations at Anaconda. “Solutions proving successful to help close this gap include upskilling existing workforces and permitting stronger remote work options. Organizations should bolster the tools and resources available for continued learning, and academic institutions should fill in the skills gaps for students and turn them into strengths as they prepare to enter the workforce.”

Ethics, bias, and regulation need more attention—especially in education

Ethical challenges in AI, ML, and data gathering have never been more in the public consciousness, yet progress is still needed in the space. 75% of professional respondents feel the government should play a larger role in strengthening technological innovation and manufacturing, with 70% saying they would support more funding for STEM and tech-based schooling.

Contrastingly, only 19% of student respondents are currently learning ethics in AI/ML/data science lectures, and 32% of students rarely or never have been taught bias in AI/ML/data science classes. These findings highlight the need for educational institutions to adjust learning paths to reflect and prepare those entering the workforce and shaping the future of data science.

“It’s incredible what the community has achieved over the past decade alone. Many companies wouldn’t exist without the open-source foundations they’re built on today,” said Peter Wang, CEO of Anaconda. “But to tackle these challenges successfully and continue innovating the future enterprise, we must keep reinvesting in the open-source community and its infrastructure. I’m hopeful about where the industry’s priorities rest and the next generation of talent entering the workforce.”

Source: https://www.helpnetsecurity.com/2022/09/20/open-source-security-concerns/

Click to comment
Exit mobile version