Security

Business Conditions Prime for More Open-Source Contributors

Companies that established open-source program offices over the last few years now need more C-suite oversight to drive education, awareness, and use of open-source software. That sets the stage for an expanded role of open-source program officers.

Incorporating open-source technology brings organizations an ecosystem that expands the user base, resulting in loyalty and stickiness. It also brings the need for more executive oversight of open-source initiatives. Staying on top of open-source security best practice is critically important, and disclosing and patching vulnerabilities is essential.

Javier Perez, the chief open-source evangelist at Perforce, sees a trend unfolding in 2023 to drive open source. More organizations will realize that open-source software is critical to their operation and will move from being consumers to participants with increased use and adoption for business-critical infrastructure.

He noted that all software now contains open-source components, but some companies do not even realize how much open source they use.

More businesses are no longer just consumers of open source. They are becoming active contributors, evangelizing, and educating their engineering teams. So, whether using fully open-source or commercial products with embedded open-source code, organizations need to pay more attention to their software license management.

How to do this requires a shift in focus to the duties of open-source program offices. According to Perez, as many as half of all the organizations in the software summit Perforce runs have such officers.

“It is becoming more popular and strategic. Talking about strategy is what open-source project companies are going to invest in,” Perez told LinuxInsider.

Threat Vectors and the Role of the CISO

Despite the growing use of open source across all industries, the continuing malicious software supply chain attacks will slow open-source adoption this year, warned Paul Speciale, chief marketing officer at data management firm Scality.

Malware and ransomware attacks have ballooned such that intrusions now occur every few minutes across the globe, costing businesses millions of dollars per incident and consuming untold IT cycles. He explained that we have already witnessed compromised security in commercial software solutions, as seen in recent high-profile attacks.

“Open-source software dependencies will become an increasing threat vector, causing enterprises to more carefully evaluate and vet these technologies before employing them at scale,” Speciale told LinuxInsider.

This year will see a shift in focus on regulating software, not unlike actions taken already by European governments, suggested Eric Cole, an advisor for data security firm Theon Technology and former CIA professional hacker.

“We will see a big shift in the CISO (chief information security officer) role, including a spike in hiring and firing when it comes to the CISO position,” Cole told LinuxInsider.

He predicted the position would pivot to hiring more business-oriented individuals who can communicate to the board rather than the current tech people presently filling the role.

Unified Offerings Key OSS Strongholds

A continuing move toward modular software solutions will drive new adoptions towards open source solutions in 2023, according to Moses Guttmann, CEO and co-founder of ClearML, a machine learning operations platform developer.

MLOps teams must consider open-source infrastructure instead of getting locked into long-term contracts with cloud providers. While organizations doing machine learning at hyper-scale can undoubtedly benefit from integrating with their cloud providers, it forces these companies to work the way the provider wants them to work, he offered.

“Open source delivers flexible customization, cost savings, and efficiency. You can even modify open-source code yourself to ensure it works exactly the way you want. Especially with teams shrinking across tech, this is becoming a much more viable option,” Guttmann told LinuxInsider.

One of the factors slowing down MLOps adoption is the plethora of point solutions. That does not mean they do not work, he offered. But they might not integrate well together and leave gaps in the workflow.

“Because of that, I firmly believe that 2023 is the year that the industry moves towards unified, end-to-end platforms built from modules that can be used individually and integrate seamlessly,” said Guttmann.

Open-Source Adoption in 2023

This year, it will become evident that open source is not just the domain for large enterprises like IBM, Google, Red Hat, and Microsoft. It is now a necessity for every industry and smaller companies as well.

“We see a lot of banks now directly contributing to open source because they gain the expertise. So, we see adoptions across all industries. Many companies are becoming more receptive to open source and getting more actively involved in maintaining and advancing open source,” Perez concluded.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics. Email Jack.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Security

Technewsworld Channels