Security and governance of open source software (OSS): Geneva Dialogue Masterclass #1

In 2026, the Geneva Dialogue will focus on stress-testing cybersecurity practices and agreed cyber norms under real-world conditions. Through a scenario-based engagement framework, the Dialogue brings together policymakers, private sector actors, technical communities, and civil society to examine how responsibilities, incentives, and governance arrangements hold up when systems are under strain, with insights from Costin G. Raiu, Mika Lauhde, and Roman Zhukov.

This masterclass opens the first thematic cycle of 2026, dedicated to the security and governance of open source software. Its purpose is to establish a shared analytical baseline: how OSS functions as a systemic dependency; how security responsibilities are distributed across maintainers, vendors, users, and public authorities; and where current governance approaches struggle to manage risk, accountability, and resilience at scale. The session is designed to bridge policy and technical perspectives and to frame the key questions that will be explored in depth during the subsequent scenario-based consultation.