Page 104 - Cyber Defense eMagazine September 2022
P. 104
Protecting Government Data at The Intersection of Zero
Trust and Open Source
By Rick Vanover, Senior Director, Product Strategy, Veeam
As the federal government continues its emergence from the pandemic, its information technology
strategy is being influenced by two compelling, but divergent trends—zero trust and open source.
Thanks in part to the White House’s 2021 Executive Order on Improving the Nation’s Cybersecurity, the
most prominent of these trends may be zero trust adoption. But some fear cybersecurity gain could be
weakened by the growing popularity of open-source software.
According to the 2020 Federal Source Code Study, 80% of the more than 6,800 federal software projects
listed on Code.gov are open source, allowing developers to innovate quickly, lower cost for deployment
and provide more vendor choice.
Open source’s crowd-supported approach to innovation could improve cybersecurity but the
transparency of the source code can allow attackers to creatively inject malware. A 2020 research paper
entitled the “Backstabber’s Knife Collection,” detailed 174 malicious software packages “used in real-
Cyber Defense eMagazine – September 2022 Edition 104
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.