Educational institution
PLENARY 4 : Securing the Open-Source Frontier: Navigating Supply Chain Risks
Open-source components are literally everywhere in the digital infrastructure, products and services. The modern ecosystem offers a wealth of advantages for an open-source software developer, enabling fast, permission-less innovation. However, incorporating third-party code, even from trusted sources, introduces an element of uncertainty. This uncertainty is precisely where supply chain attacks come into play and underscore the need for a proactive approach to security.
When contributing to or relying on open-source or any software development projects, it is essential to consider the integrity of the entire supply chain and ensure that all contributors across the chain adhere to best security practices. Collaborative efforts within the open-source community, such as code audits and timely updates, are essential in maintaining a robust defence against supply chain threats.
The panel will bring together experts in the area of software supply chain, open source and the software industry. It will discuss how open source empowers developers, but also obliges them to be vigilant guardians of the software supply chain and how, balancing the benefits with the risks, security measures are essential to uphold the trust placed in open-source development.
Moderated by Mirko Presser, Associate Professor, Aarhus University
Dr Melanie Rieback is the CEO/Co-founder of Radically Open Security (the world’s first not-for-profit cybersecurity company) and ‘Post Growth’ start-up incubator Nonprofit Ventures. She designed and teaches ‘post growth entrepreneurship’ at the University of Amsterdam Business School, and is a cybersecurity lecturer at Singularity University and former assistant professor of computer science at the Vrije Universiteit Amsterdam.
Melanie is a fellow of the Post Growth Institute, and was named ‘Most Innovative IT Leader of the Netherlands’ by CIO Magazine (TIM Award) in 2017, and one of the ‘9 Most Innovative Women in the European Union’ (EU Women Innovators Prize) in 2019.
She was described as one of the 400 most successful women in the Netherlands by Viva Magazine (Viva400) in 2010 and 2017, and one of the 50 most inspiring women in tech (Inspiring Fifty Netherlands) in 2016, 2017 and 2019. Her company, Radically Open Security, was named the 50th Most Innovative SME by the Dutch Chamber of Commerce (MKB Innovatie Top 100) in 2016.
SME
Non-Profit Computer Security Consultancy
We're an idealistic bunch of security researchers, networking/forensics geeks, and Capture The Flag winners that are passionate about making the world more secure. We believe in transparency and openness, and our goal is to secure the society that allows us to run a company in the first place.
Our Business Model
Radically Open Security prides itself on being the world's first not-for-profit computer security consultancy company.
We are prototyping an innovative new business model - using a Dutch "Fiscaal Fondswervende Instelling" (Fiscal Fundraising Institution) to provide a commercial front-end that sends 90% of our profits tax-free to a charitable foundation (Stichting NLnet) that has supported open-source, Internet research, and digital rights organizations for almost 20 years. Our low management/overhead costs mean we can afford to pay competitive wages to our computer security consultants. There are similar constructions in the world (B-corporations, Mozilla, etc.), but we tackle things from a slightly different angle.
Our idealism fuels our growth; it helps us to hire idealistic A-list security experts, and to find like-minded customers who want to use their security budget as a "vote" to support socially responsible entrepreneurship. We see ourselves as "hacking a new business model" for prototyping an ideal company - one that optimizes for benefit to the world (customers, employees, society) as opposed to profit motive (shareholders, investors, founders). Our hope is that, in a few years from now, we might inspire others to set up similar sustainable "not for profit businesses" in other industries. Call us dreamers, but we hope that we can help to move society forward in this way.
NGO