Until recently, the term “software supply chain” was rarely uttered outside of the offices of CIOs and senior government officials. But in the wake of high-profile attacks like SolarWinds, times have changed. Now, software supply chain security is the subject of boardroom conversations and New York Times headlines.
Partially in response to these incidents, just a few weeks ago the US government put out an executive order on improving the nation’s cybersecurity that may fundamentally change the way software is produced. In this panel, expert industry analysts and practitioners will discuss the current state of the open source software supply chain and what we can do to make it safer and more secure.
Tom has been part of the open source community since 1997, when he skipped the last day of his junior year of high school to attend Linux Expo. He spent 19 years at Red Hat doing almost every possible job, before moving on to the Open Source Strategy and Marketing (OSSM) team at Amazon Web Services. He has been a major contributor to the Fedora Project since day one, maintaining several hundred software packages, and was the initial author of the Fedora Packaging Guidelines. He also worked closely with Red Hat Legal as the Fedora Legal liaison for 15 years, establishing (and enforcing) the rules for licensing and legal compliance for the Fedora community. In his spare time, he enjoys gaming, 3D printing, hardware hacking, sci-fi, and comics.