Skip to main content
All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

Webinar: Semi-Automated Clearing Of Files With Proximity Matching

By automation, Featured, legal, licensing, News, Webinar

This webinar returned to automation topics with a review of how clearing can be made faster by using techniques like proximity matching. While approaches like this inherently depend on the technical ability of user companies, and their individual determinations of accuracy or risk, they do suggest avenues to increase efficiency-at-scale.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #39, released on 2022-04-22.

BlackBerry Strengthens Software Supply Chain with Corporate-Wide OpenChain ISO/IEC 5230:2020 Conformance

By Featured, News

First North American Company to Adopt International
Open Source Standard Across its Entire Product Portfolio

WATERLOO, ON and SAN FRANCISCO, CA – March 17, 2022 – BlackBerry Limited (NYSE: BB; TSX: BB) today announced that it is the first company based in North America to adopt and conform to OpenChain ISO / IEC 5230:2020 across its entire product portfolio. OpenChain is the International Standard for open-source license compliance and is designed to build trust in the supply chain. BlackBerry saw the need to lead in this space to adopt a higher standard for its software supply chain.

The new accreditation will enable BlackBerry customers to have increased confidence in the company’s ability to manage the use of open source software across its Cybersecurity and IoT product portfolio. As the frequency and severity of cybersecurity attacks grow and stringent regulatory standards like President Biden’s Cybersecurity Executive Order come into effect, the need to have holistic visibility into the security of the software supply chain is of paramount importance, particularly when managing open source software.  

BlackBerry is the first company in North America to gain company-wide OpenChain ISO/IEC 5230:2020 conformance and collaborated with OSS Consultants to achieve the accreditation. OpenChain encourages self-certification, independent assessment, and third-party certification as options for entities seeking to address the risk profile of their supply chain.

“It is hard to overstate the importance of today’s announcement,” says Shane Coughlan, OpenChain General Manager. “BlackBerry has one of the deepest industry pedigrees in bringing increased peace of mind to enterprise and governmental organizations. Certifying their open source software management  underlines their commitment to excellence and serves as a beacon for other companies to follow.”

“We are extremely proud to be the first company based in North America to announce whole entity conformance to OpenChain ISO/IEC 5230:2020,” said Charles Eagan, Chief Technology Officer at BlackBerry. “BlackBerry continues to lead in securely developing software. We realized the importance of leveraging Open Source Software and recognized the need for a robust process to manage the use of it in our products.”

“As trusted consultants that have helped organizations of all sizes implement Open Source Programs, we were thrilled to partner with BlackBerry to attain the first whole-entity OpenChain conformance in North America. The OpenChain Project has set a high standard of open-source compliance within the supply chain and across the world,” said Russ Eling, CEO and Founder of OSS Consultants.”

###

About BlackBerry

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world.  The company secures more than 500M endpoints including over 195M vehicles.  Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint management, endpoint security, encryption, and embedded systems.  BlackBerry’s vision is clear – to secure a connected future you can trust.

BlackBerry. Intelligent Security. Everywhere. 

For more information, visit BlackBerry.com and follow @BlackBerry.

Trademarks, including but not limited to BLACKBERRY and EMBLEM Design are the trademarks or registered trademarks of BlackBerry Limited, and the exclusive rights to such trademarks are expressly reserved.  All other trademarks are the property of their respective owners.  BlackBerry is not responsible for any third-party products or services.

About OSS Consultants:

OSS Consultants is a business dedicated to helping organizations of all sizes – from the world’s largest and well-known companies to small businesses and start-ups – design, implement, and manage the most efficient, comprehensive and robust open-source program offices and policies on the planet. Service offerings range from a scan and audit of your third-party and proprietary software to creating a full OSPO within your organization. Find more information at www.ossconsultants.com.

About the OpenChain Project 

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

Media Contact:

BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com

OSS Consultants Media Relations
info@ossconsultants.com

Webinar: Security Today

By community, Featured, News, security, Webinar

This webinar provided a snapshot of developments around open source and security topics, an increasingly important part of open source governance and management. While not intended to cover all the issues seen, it was designed to give a strategic overview to interested parties.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #38, released on 2022-03-11.

OpenChain Korea Work Group Meeting – March 16th at 14:00 Korea Time

By Featured, News

The OpenChain Korea Work Group holds its next meeting on the 16th of March at 14:00 Korea Standard Time. Check out the agenda and the dial-in details below!

You can join the event via LINE’s Zoom room:
https://line.zoom.us/j/98865487244?pwd=UnJFMHg2ZmIxNTAwcWtGTkRzc2tJdz09
Please use this password: 160322

The Korean Work Group also had a dedicated page for the event:

Block Joins The Governing Board Of The OpenChain Project

By Featured, News

Block, a global technology company with a focus on financial services, today joined OpenChain’s Governing Board. Block, made up of Square, Cash App, Spiral, TIDAL, and TBD, builds tools that help make the economy more accessible for everyone. The OpenChain Project has been building trust in the supply chain since 2016. It maintains OpenChain ISO/IEC 5230, the International Standard for open source license compliance. This is a simple, effective standard suitable for companies of all sizes in all markets. It is developed openly by a vibrant user community and freely available to all.

“Welcoming Block to the OpenChain Governing board is a landmark moment for our project,” says Shane Coughlan, General Manager at OpenChain. “The financial sector is one of the areas where regulation is most important, and where getting things done correctly is of vital significance. Managing the supply chain is an issue here as it is everywhere, and OpenChain standard for open source compliance helps to mitigate this challenge. We are proud to be part of the solution for Block and we look forward to working with many other financial companies in the future.”

“Managing supply chains is not something that a company does alone. It is a combined industry effort to reduce errors and to increase efficiency,” says Max Sills, Counsel at Block. “At Block, we recognize that OpenChain is a critical part of this in the open source ecosystem, and we see immense value in being part of the strategic management around the ISO standard and the global community. We look forward to helping the open source supply chain become more efficient and more effective together.”

About Block

​Block (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, Spiral, TIDAL, and TBD], we build tools to help more people access the economy. Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral (formerly Square Crypto) builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.

About the OpenChain Project

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

External Event Coming Soon: The Path to a Sustainable Software Supply Chain

By Featured, News

Shane Coughlan, OpenChain General Manager, will take the lead in a FOSSA webinar on the 16th of March.

From their site:

Software supply chain security has dominated the headlines in recent months following a series of events (including the SolarWinds hack and the Biden Administration’s executive order). But maintaining the integrity of your software supply chain is about more than just traditional vulnerability remediation. Our modern threat landscape has elevated the importance of supply chain sustainability, which includes areas like software provenance and lifecycle management in addition to known vulnerability mitigation.

Join Shane Coughlan, GM of OpenChain (a Linux Foundation project) for a conversation on the importance of supply chain sustainability and practical steps your organization can take to strengthen supply chain integrity.

We’ll discuss:

  • The evolution of software supply chain threats
  • The importance of software provenance, such as package origin, maintainers, and quality
  • Questions to ask vendors to gauge the sustainability of proprietary software
  • Indicators of sustainable open source software

Register here: