Linux Foundation Training & Certification, ISC2, and Open Source Security Foundation (OpenSSF) today announced a new collaboration to empower the open source cybersecurity community through secure software development, knowledge sharing, education, certification and much more. Together, the three organizations will lead the way to secure software development and lifecycle management for open source code.
Read More: CIO Influence Interview with Russ Ernst, Chief Technology Officer at Blancco
The collaboration will initially focus on helping software development professionals around the world build code that ensures strong cybersecurity is a key component of the code’s design and execution. The existing training and certification resources of the organizations, including ISC2’s globally recognized Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP) and Certified in Cybersecurity (CC) certifications as well as the Linux Foundation’s IT Professional Program for Cloud Engineers and Certified Kubernetes Security Specialist (CKS), will be used in their respective programs to provide a blend of open source compliance and cybersecurity training along with best practices.
Additional planned initiatives include:
- Developing new, roles-based learning programs that include courses, certifications and reality-based practice labs. The initial area of focus will be on developing secure microservices.
- Providing an authoritative voice on cybersecurity regulations, requirements and best practices, with an emphasis on secure collaborative software development.
- Producing relevant research tools for the industry to better identify needs and track the effect of cybersecurity initiatives.
The impact of open source code as it relates to cybersecurity cannot be overlooked. It fuels innovation worldwide and is estimated to be in use at 90 percent of commercial organizations, enabling companies and consumers to thrive in countless ways.
“Despite the accelerating cyber risks, too little attention and too few resources are devoted to cybersecurity,” said Clyde Seepersad, SVP, General Manager, Training & Certification, Linux Foundation. “By aligning the resources and objectives of our collective organizations we hope to increase our overall impact on cybersecurity for the betterment of all.”
“With organizations and consumers under constant threat, the collaboration between the world’s largest open source software foundation and the world’s largest cyber security professional association will prove to be a powerful force in securing a safe future for all,” said ISC2 CEO Clar Rosso, CC. “Secure open source code is critical, as it is the bedrock of so much innovation around the globe. Together with the Linux Foundation, ISC2 is dedicated to ensuring developers have access to the education and training they need to deliver more secure and resilient solutions.”
“Education is one of the best ways to ensure that open source software is secure by construction,” said Omkhar Arasaratnam, GM, OpenSSF. “Our partnership with ISC2 will help to improve access to quality security education for everyone.”
Read More: CIO Influence Interview with Lior Yaari, CEO and Co-Founder at Grip Security
Why now? First, many organizations, governments, and individuals rely on the tremendous output of these communities to ensure code is secure and trustworthy. Second, the burden of security globally – through regulation and policy – is shifting from consumers to developers. The companies, organizations and individual IT professional contributors who develop solutions using open source code need the necessary security expertise to embed best practices throughout every stage of the software development process.
Read More: CIO Influence Interview with Antoine Jebara, Co-Founder and GM, MSP Products at JumpCloud
[To participate in our interview series, please write to us at sghosh@martechseries.com]
