Inside the Government's Open Source Software Conundrum

The breach highlights one of the most pressing issues facing the cybersecurity community today: How do government agencies and private companies make sure the open source software that underlies nearly every piece of tech on the market is safe to use? For people unfamiliar with the software development world, open source software is essentially chunks of code that are available online for anyone to use. The popularity of open source software has exploded in recent years to keep up with the growing demand for fresh tech, according to Derek Weeks, vice president of the software security company Sonatype. If a block of open source code contains a vulnerability, developers who use it are unknowingly building the bug into their software. Historically, the tech community assumed open source code was comparatively secure because it’s touched by so many different developers, but that’s not necessarily the case, according to Emile Monette, a cyber supply chain risk specialist at the Cybersecurity and Infrastructure Security Agency.