As the software industry struggles to recover from a supply chain security crisis, a study from Venafi indicates industry executives are saying the right things but doing very little to back up the rhetoric with decisive action to ensure vendor security.