Software supply chain security faces significant challenges despite progress. Developers struggle with new regulations and compliance, often lacking training and awareness. The burden of compliance falls on vendors, adding to developers’ stress. A global cybersecurity skills matrix is introduced to identify essential skills, while a new vendor ecosystem aims to support security needs. There is also a push for AI to integrate with software development practices for better security.