Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [open-regulatory-compliance] FYI: New initiative from LF

Hi Dick,

From the project lead/open source steward point of view this initiative appears appealing (under next steps...tools, processes, best practices, compliance resources for upstream OSS projects, etc).

I had thought that the ORC WG (sig?) was working collaboratively with OpenSSF and/or Linux Foundation (Europe I guess from docs)...is that incorrect?

Scott

On 1/31/2025 6:43 AM, Dick Brooks via open-regulatory-compliance wrote:

https://www.linuxfoundation.org/press/openssf-and-lf-europe-launch-cra-initiative

 

Not sure what this means for the broader open source software community, but will be interesting to see where this goes.

 

I certainly agree with this statement:

 

Cybersecurity is a matter of global concern. I am excited to see efforts like the  EU’s CRA come online as it touches on topics we've been working to embed within organizations’ cybersecurity practices for decades," said Christopher “CRob” Robinson, Chief Security Architect of the OpenSSF.

 

 

Thanks,

 

Dick Brooks

  

Active Member of the CISA Critical Manufacturing Sector,

Sector Coordinating Council – A Public-Private Partnership

 

Never trust software, always verify and report!

Risk always exists, but trust must be earned and awarded.™

https://businesscyberguardian.com/

Email: dick@xxxxxxxxxxxxxxxxxxxxxxxxx

Tel: +1 978-696-1788

 

 


_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org

Back to the top