New cybersecurity laws shape devops approaches

Victor Dabrinze
2025-06-26 20:24:00
siliconangle.com

Standards, guidelines and laws govern the world. However, few places embody that reality better than the digital realm. With new and hybridized attack pathways proliferating rapidly, countries are updating their cybersecurity laws to keep pace.

TheCUBE goes live with cybersecurity insights at Open Source Summit NA.

Where do these shifting grounds leave open-source developers? And how can they stay ahead, adhering to these laws without compromising the pace of innovation?

“We’re focused on improving open source and supply chain security for everybody, and everybody is a subset,” said Crob Robinson (pictured), chief security architect of OpenSSF. “Europe is part of that subset, and they just recently released a new law called the Cyber Resilience Act that is going to have some pretty far-reaching consequences across the whole globe, honestly, and the tech ecosystem especially.”

Robinson spoke with theCUBE’s Paul Nashawaty at Open Source Summit NA, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the pressing need for devs, vendors, CIOs and other stakeholders to leverage available tools to stay compliant, build secure software and thrive in today’s regulated landscape. (* Disclosure below.)

New cybersecurity laws are a global wake-up call

The EU’s Cyber Resilience Act, or CRA, is poised to reshape the open-source and enterprise software landscape. With mandatory compliance kicking in by December 2027, organizations that ignore it risk losing access to Europe, the world’s third-largest market. Importantly, however, this is not just a European issue. Countries such as India, China, Australia and the U.K. are crafting similar legislation, and the U.S. is enforcing cybersecurity standards through procurement rules, according to Robinson.

“There’s some newer concepts like software bill of materials, but this is something that cybersecurity people are very familiar with,” he said. “Now, for upstream open-source developers, this is not necessarily anything they’ve ever had any exposure to — and there’s a lot of fear. Our mission is to provide education and awareness on what the facts of the law are and what actions you’re going to need to take. But the burden of compliance falls on manufacturers.”

These manufacturers often rely on open-source components, making secure-by-design development and transparency mission-critical. Failing to comply isn’t just an inconvenience — it’s potentially catastrophic. Under the CRA, companies found negligent in a data breach could face fines of up to 2.5 times their annual revenue per infraction, according to Robinson.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of Open Source Summit:

(* Disclosure: The Linux Foundation sponsored this segment of theCUBE. Neither The Linux Foundation nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+

CUBE Alumni Network

C-level and Technical

Domain Experts

Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.

Source Link

Enjoy the perfect blend of retro charm and modern convenience with the Udreamer Vinyl Record Player. With 9,041 ratings, a 4.3/5-star average, and 400+ units sold in the past month, this player is a fan favorite, available now for just $39.99.

The record player features built-in stereo speakers that deliver retro-style sound while also offering modern functionality. Pair it with your phone via Bluetooth to wirelessly listen to your favorite tracks. Udreamer also provides 24-hour one-on-one service for customer support, ensuring your satisfaction.

Don’t miss out—get yours today for only $39.99 at Amazon!

Unlock unlimited streaming with a free Amazon Prime trial!
Sign up today!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!

BITCOIN

Bitcoin Logo