Supply chain attacks increased by https://www.aquasec.com/news/aqua-securitys-argon-experts-find-software-supply-chain-attacks-more-than-tripled-in-2021/, making clear that security breaches are happening earlier in the software development lifecycle. Developers need to trust not only the dependencies they use directly but also the dependencies of those dependencies, called transitive dependencies.
Poor security practices in software development translate to trust-breaking breaches and expensive losses, with the https://www.ibm.com/reports/data-breach.
Organizations, regardless of industry, must be securing developer workstations in order to be prepared for the evolving and growing number of attacks.
When considering settings, configurations, permissions, and scanning, remember that regardless of where the attack comes from, the trend of attacks is moving earlier in the development cycle, making securing developer workstations a critical step in your security strategy.