Out of my archives, Conference Proceedings from the 2012 Open Cybersecurity Summit in D.C.
I’m getting ready to head back to Washington D.C. again soon to see how I can best help support the public good from my seat at the table, helping translate open source communities and foundation work to policy makers. I am grateful for the standing invitation.
In going through some of my old files, I stumbled upon the proceedings from the 2012 Open Cybersecurity Summit I’d produced in D.C. ten years ago ten years ago during National Cyber Security Awareness Month. If you’re not aware, since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.
Today, while those of us deeply involved in the open source ecosystem have heard increasing discussion in Washington DC of open source’s relationship in critical supply chain concerns within the software industry, its easy to miss that the US government has historically viewed open source not only an asset for rapid innovation and flexibility, it has also been considered a cyber asset.
For several years I worked with a small team at Georgia Tech Research Institute (GTRI) on a program called HOST – Homeland Open Source Technology – sponsored by DHS Science and Technology Directorate under Doug Maughn’s leadership (now at NSF). Part of our program helped seed and monitor micro-investments in open source cyber security-related technology like OpenSSL, Suricata, OWASP updated best practices for securing web applications, and others. Making these solutions available to state and local government agencies as well as federal was a key goal. For me personally, it was the best of both worlds; supporting open source communities and public good.
If you’ve been around open source and cybersecurity you’ll see a cast of veterans in the conference proceedings; Dr. David Wheeler from DISA (now at Linux Foundation’s Open Source Software Foundation – OpenSSF); Dave Wichers from OWASP; Matthew Scholl from NIST National Cybersecurity Center of Excellence; Mark Bohannon from Red Hat (a former fed himself, still at Red Hat and serves on the OpenSSF Policy Committee); Joshua Davis from GTRI’s Cyber Security Lab head in the day. Leading up to the summit, we ran a series of local round-tables and think-tank sessions for state and local government with contributions from security luminaries like Gordon “Fyodor” Lyons and Kees Cook.
FWIW, consider this a Cyber Throw-back to close out the Awareness month with a nod to open source software’s long-standing critical role – and to the communities that create it. Cheers.