When companies buy software, they tend to assume it’s secure – but they shouldn’t. Vulnerabilities in the digital supply chain are the responsibility of both developers, vendors, and customers, but right now cybersecurity isn’t a priority for either party. There are two key miscalculations that are bound up in this: