Episode Summary

 Is the traditional Silicon Valley startup model harming the security industry? In this episode of The Secure Developer, Danny Allan talks with Melanie Rieback, founder of Radically Open Security, about shaking up the industry with nonprofit business models. Tuning in, you’ll learn about the inner workings of Radically Open Security as a non-profit organization and the positive impact its donations have had on the open source ecosystem.

We discuss the benefits of a steward-ownership business model, why it pairs so well with open source, and its power to reform venture capital and align incentives with long-term sustainability. For those interested in diving deeper, Melanie shares resources from her startup incubator, Nonprofit Ventures, and her free online Post Growth Entrepreneurship course. Tune in to learn why reforming our business models is vital for preserving and protecting our open source ecosystem and, by extension, security! 

Show Notes

In this episode, Snyk CTO Danny Allan chats with Dr. Melanie Rieback, founder of Radically Open Security, about her journey from academia and pen testing to founding a cybersecurity company with a radically different business model. Melanie shares the motivations behind creating a not-for-profit organization that donates 90% of its profits to the NLnet Foundation, supporting open source and digital rights initiatives. They discuss the discontent with traditional cybersecurity business practices, including lack of transparency and ethical concerns like selling zero-days.

Melanie explains Radically Open Security's structure, operating as a collective primarily using contractors, and how this model has allowed them to grow to 50 people while serving major clients and offering pro-bono work for nonprofits and critical open source projects like the Tor Project and Tails. The conversation then broadens to discuss alternative business models like steward ownership, where profit rights are separated from voting rights, aiming to lock value within the company and prevent mission drift often caused by traditional VC funding.

They explore the concept of "Post Growth Entrepreneurship," which Melanie teaches, focusing on non-extractive business models and reforming finance itself. The discussion touches upon whether the tech industry, particularly open source, is moving towards more sustainable and ethical models, citing examples like Signal, Proton, Mastodon, and Mozilla. Melanie emphasizes that the culture of open source developers is often inherently altruistic, not greedy, but can be compromised by traditional funding systems. Finally, Melanie offers resources for listeners interested in learning more about these alternative models.

Links

• Radically Open Security
• Radically Open Security on LinkedIn
• NLnet Foundation
• Nonprofit Ventures
• Post Growth Entrepreneurship Course
• Snyk - The Developer Security Company

Follow Us

• Our Website
• Our LinkedIn