BlackBerry gains OpenChain Security Assurance Specification Conformance in Americas

BlackBerry is the first business in the Americas to gain the OpenChain Security Assurance Specification

BlackBerry  is the first business in the Americas to gain the OpenChain Security Assurance Specification, a best-in-class validation of the company’s ability to manage open-source vulnerabilities and risks as part of its software supply chain, with a view to providing a higher level of security assurance for customers.

The Linux Foundation’s OpenChain Project works to establish trust in open-source software. Use of the OpenChain Security Assurance Specification will enable BlackBerry customers to have increased confidence in the company’s ability to manage the use of open-source software across its Cybersecurity and IoT product portfolios.

“Building a more resilient and trusted software supply chain is critical to the future of secure software, and BlackBerry is proud to be a leader in this space,” said Christine Gadsby, Vice President, Product Security at BlackBerry.

“We’re committed to adopting a higher standard for our software supply chain as cyberattacks grow and stringent regulatory standards come into effect.”

The milestone builds on BlackBerry’s previous adoption of OpenChain ISO/IEC 5230:2020, the international standard for open-source license compliance, which defines the key elements of a quality open-source compliance program and allows companies of all sizes and sectors to adopt them.

“Cyberattacks are increasing in frequency, severity, and sophistication. Securing software supply chains is a priority for organizations of all sizes in all industries as they look to reduce their overall business risk profile,” said Frank Dickson, Group Vice President, Security and Trust at IDC.

“Protecting sensitive data is paramount in achieving this objective, particularly in the face of potential financial loss and reputational damage. Following respected third-party standards and specifications is an excellent way for organizations to communicate and demonstrate a commitment to current best practice security processes and sustainability of their approach in moving forward.”