The early lessons from Log4j indicate that key security principles can help better handle these high-risk software supply chain security incidents if teams have proper support.