99% of the world’s software has at least some open source code dependencies. Open source code is at the heart of almost all of the industry’s most innovative new software. As a result, vulnerabilities in open source code can have a global ripple effect across the billions of developers and services that rely on it. Of course, open source code often means bugs are found quicker and patched faster than in proprietary closed systems. It is nonetheless essential that all organizations understand what the latest best security practices are and how they can minimize their organization’s risk when dealing with open source software.
In this session, we have gathered a number of speakers from a wide range of backgrounds to discuss best practices and approaches to effectively manage security and risk with today’s software supply chains.
4:30 – [20 mins, 10 min Q&A] Securing the world’s code together – Stormy Peters, GitHub
Stormy Peters is Head of Community for GitHub, the world’s largest developer platform, and was previously Director of Microsoft’s Open Source Program Office. Stormy recently represented GitHub at the White House’s Open Source Software Security Summit. Stormy will discuss how the tech industry can come together with the open source community to collectively secure the software supply chain. She will give a high-level overview of the tools and best practices available to developers to improve how they securely use and incorporate open source code.
5:00 – [75 mins] Panel Session on Open Source Security & Risk Management Open Source Software in Irish Government
In this session, we will hear from four industry representatives on the topic of open source security and risk management. From large corporations to specialist service companies, this session will address many of the issues IT departments and software developers face while securing their software supply chain.
The format will be 4 x 10 min lightning talks to give background and context for each of the speakers, followed by a 30 min moderated panel where the audience can add their own questions to the discussion.
4 x 10 min quick presentations from each of our panellists (for background), followed by a panel session:
- [10 min] Ger McMahon – Head of ALM Tools and Platforms, Fidelity Investments
- [10 min] Brian Farrell – Director & Founder, Securelinx
- [10 min] Martin Callinan – Founder of the OpenChain Partner, Source Code Control Ltd.
- [10 min] Michelle Kearns – Head of IT, Boots Ireland
- [30 min] Panel discussion with all four panellists, moderated by Clare Dillon, co-founder of Open Ireland Network.
6:10 – [5 mins] Event wrap up & close
6:15 – Event closed.
Host: Florian Moss – Red Hat.
Florian Moss is a solution architect working for Red Hat in Ireland. He is just as passionate about software development as he is about IT infrastructure and large scale automation.
Clare Dillon – Open Ireland Network.
Clare Dillon has spent over 25 years working with developers and developer communities. In 2021, Clare co-founded Open Ireland Network, a community for those interested in advancing open source at a national level in Ireland. Last year, she was appointed Executive Director of InnerSource Commons, a community of practitioners with the goal of creating and sharing knowledge about InnerSource: the use of open source best practices for software development inside organizations. Clare also helps organize the OSPO++ Network to support the establishment of University and Government Open Source Program Offices globally. Previously, Clare was a member of Microsoft Ireland Leadership Team, heading up their Developer Evangelism and Experience Group. Clare frequently speaks at international conferences and corporate events on topics relating to the future of work, innovation trends and digital ethics.
Martin Callinan – Source Code Control Limited.
Martin has over 20 years’ experience providing organizations with strategies to manage business risks associated with open source software supply chains such as IP compliance processes, security vulnerability management and procurement. He is actively involved in the open source software risk management industry and is founder of the OpenChain (ISO/IEC 5230:2020) Partner, Source Code Control Limited.
Brian Farrell – Securelinx
Brian Farrell is the Director & Founder of Securelinx, an Open Source infrastructure specialist. He has been championing the use of Linux and Open Source infrastructure software within organisations since 1997 and today leads a group of dedicated IT professionals within Securelinx, all of whom are passionate about Open Source and its role within the modern enterprise. Securelinx teams deploy and support infrastructure for a wide range of Linux & Open Source use cases including core infrastructure, Public Cloud, Containers, Orchestration, Automation, High Performance Computing and Machine Learning – all the while focussing on performance, security and scalability.
Michelle Kearns – Boots Ireland
Michelle Kearns is Head of IT and a member of the Irish Leadership Team for Boots Ireland. Michelle is responsible for the IT functions, a multi-faceted role that includes internal systems and boots.ie. Michelle joined Boots Ireland following almost 17 years working for Caredoc, a GP co-operative providing healthcare services throughout Ireland, most recently as the Chief Information Officer, a role she fulfilled for the last four years of her tenure with the company. During this time, she was seconded to the HSE as a founding member of the Council of Clinical Information Officers and spent time as an adviser to the World Health Organisation. In 2016, she founded, and still holds the role of Director, at One HealthTech Ireland, a network that supports and promotes openness, inclusion, kindness and diversity in health innovation.
Gerard McMahon – Fidelity Investments
Gerard McMahon is a VP of Architecture in Enterprise Cloud Computing (ECC) at Fidelity Investments and currently is the Head of ALM Tools and Platforms, whose mission is to provide an open and flexible Software Delivery Platform to accelerate and increase the velocity of business value delivery with confidence at scale.
Ger is a strong advocate of Software Delivery Excellence and incorporating the principles of agility into engineering and operational excellence, for building high performing teams and enabling a DevOps culture. He is passionate about enabling the connection and collaboration of tools and services across the Software Delivery ecosystem for breaking down silos and creating data-driven insights to drive innovation, learning and improvement.
Ger is also a co-chair of Fidelity’s DevOps Councils whose mission is to define and drive DevOps and its adoption across Fidelity, in a uniform and consistent manner to improve efficiency, agility, quality, and security – while simplifying compliance.
Ger is an experienced technology leader with a passion for cloud, technology leadership and delivery excellence. He has a proven record of building and enabling high performing teams with a strong emphasis on cultivating a team learning culture. He is an innovative thinker who can leverage and adapt new emerging architectural technologies and patterns to build scalable, reliable and resilient solutions.
Stormy Peters – GitHub
Stormy Peters is Head of Communities at GitHub. Previously, she held the role of Director of the Open Source Programs Office at Microsoft. Stormy is passionate about open source software and educates companies and communities on how open source software is changing the software industry. She is a compelling speaker who engages her audiences during and after her presentations. She has given keynotes at 4,000+ person events such as OSCON, PyCon and LinuxConf Australia as well as talks to small groups. You can find videos of her talks online. Before joining Microsoft, Stormy held leadership positions in open source and developer roles at Red Hat where she was head of the Community Leads, the Cloud Foundry Foundation where she was VP of Developer Relations and Mozilla where she led Developer Relations. Previously, she served as executive director of the GNOME Foundation and at OpenLogic where she set up their OpenLogic Expert Community. Stormy graduated from Rice University with a B.A. in Computer Science.