There are many security and business risks in developing and releasing software (eg. supply chain attacks, misconfigurations & security-relevant bugs), and many ways to manage them. For companies, this is just another risk to be managed.