BlackBerry Announces First OpenChain Security Assurance Specification Conformance in the Americas

January 24, 2023

WATERLOO, ONTARIO – January 24, 2023 – BlackBerry Limited (NYSE: BB; TSX: BB) today announced it is the first business in the Americas to gain the OpenChain Security Assurance Specification, a best-in-class validation of the company’s ability to manage open-source vulnerabilities and risks as part of its software supply chain, with a view to providing a higher level of security assurance for customers.

The Linux Foundation’s OpenChain Project works to establish trust in open-source software. Use of the OpenChain Security Assurance Specification will enable BlackBerry customers to have increased confidence in the company’s ability to manage the use of open-source software across its Cybersecurity and IoT product portfolios.

“Building a more resilient and trusted software supply chain is critical to the future of secure software, and BlackBerry is proud to be a leader in this space,” said Christine Gadsby, Vice President, Product Security at BlackBerry. “We’re committed to adopting a higher standard for our software supply chain as cyberattacks grow and stringent regulatory standards come into effect.”

“Cyberattacks are increasing in frequency, severity, and sophistication. Securing software supply chains is a priority for organizations of all sizes in all industries as they look to reduce their overall business risk profile,” said Frank Dickson, Group Vice President, Security and Trust at IDC. “Protecting sensitive data is paramount in achieving this objective, particularly in the face of potential financial loss and reputational damage. Following respected third-party standards and specifications is an excellent way for organizations to communicate and demonstrate a commitment to current best practice security processes and sustainability of their approach in moving forward.”

The milestone builds on BlackBerry’s previous adoption of OpenChain ISO/IEC 5230:2020, the international standard for open-source license compliance, which defines the key elements of a quality open-source compliance program and allows companies of all sizes and sectors to adopt them.

“BlackBerry has one of the deepest commitments in the security industry to bringing increased peace of mind to enterprise and governmental organizations,” said Russ Eling, CEO, OSS Consultants, who worked with BlackBerry to gain the new accreditation. “This added certification highlights BlackBerry’s position as a trusted supply chain vendor and serves as an example for others to follow. BlackBerry was able to meet the specification through its existing policies and processes due to its long history and commitments to responsible management of open source. BlackBerry has a team of experts who have developed their practices, tooling, and operational capability to manage the vulnerabilities that arise within open-source libraries.”

For more information about BlackBerry’s certifications visit BlackBerry.com.

###

About BlackBerry

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 215M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety, and data privacy solutions, and is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems.  BlackBerry’s vision is clear - to secure a connected future you can trust.

BlackBerry. Intelligent Security. Everywhere.

For more information, visit BlackBerry.com and follow @BlackBerry.

Trademarks, including but not limited to BLACKBERRY and EMBLEM Design are the trademarks or registered trademarks of BlackBerry Limited, and the exclusive rights to such trademarks are expressly reserved. All other trademarks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.

About OSS Consultants:

OSS Consultants is a business dedicated to helping organizations of all sizes – from the world’s largest and well-known companies to small businesses and start-ups – design, implement, and manage the most efficient, comprehensive and robust open-source program offices and policies on the planet. Service offerings range from a scan and audit of your third-party and proprietary software to creating a full OSPO within your organization. For more information visit https://www.ossconsultants.com.

About the OpenChain Project

The OpenChain Project maintains the International Standard for open-source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open-source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open-source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open-source project, which together deliver an economic impact not achievable by any one company. For more information visit www.linuxfoundation.org.

###

Media Contacts:

BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com
 

OSS Consultants Media Relations
info@ossconsultants.com