COSS Community 🌱

Cover image for OCS 2020 Breakout: Nicolas Chaillan
Joseph (JJ) Jacks for COSS Community

Posted on

OCS 2020 Breakout: Nicolas Chaillan

Mr. Nicolas Chaillan is appointed as the first Air Force Chief Software Officer, under Dr. William Roper, the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics. He is also the co-lead for the Department of Defense Enterprise DevSecOps Initiative with the Department of Defense Chief Information Officer. Prior to his current position, Mr. Chaillan was the Special Advisor for Cloud Security and DevSecOps at the Department of Defense, OSD, A&S and Special Advisor for Cybersecurity and Chief Architect for at the Department of Homeland Security. He designed the new robust, innovative and holistic .Gov cybersecurity architecture. In addition to his public service, Mr. Chaillan is a technology entrepreneur, software developer, cyber expert and inventor and is recognized as one of France’s youngest entrepreneurs after founding WORLDAKT at 15 years of age. Mr. Chaillan went on to found 12 companies and has over 20 years of domestic and international experience with strong technical and subject matter expertise in cybersecurity, software development, product innovation, governance, risk management and compliance. Specifically, these fields include Cloud computing, Cybersecurity, DevSecOps, Big Data, multi-touch, mobile, IoT, Mixed Reality, virtual reality and wearables.

Relevant Links

Nicolas Chaillan is the Chief Software Officer of the U.S. Air Force, bringing DevSecOps DoD-wide.

Can you tell us a little bit about the size and scope of your organization and give people a quick intro on it? -:14

What are your perspectives on open source, and how critical open source is to the Dept. of Defense and the US Air Force? -1:16

Can you share some highlights about the biggest deployments of new and emerging open source technologies that didn’t exist a few years ago? -2:07

Can you share your perspectives on the commercial source ecosystems? You've probably partnered with a good number of providers. For founders in the audience or companies that are seeking partnership with DOD or with your organization, what are some of the things you’ve learned that you can share as advice companies commercializing open-source technology? -3:39

It seems like a tall order what you’re describing for a lot of companies working with Fortune 2000, Fortune 5000, enterprises who have been conditioned for many decades to pay for licenses or pay for commercial features. What advice would you give to companies that may want to gradually evolve toward open source and less-proprietary IP? We see GitLab open sourcing more and more of their commercial layer. What kind of evolution do you see there and what advice would you give on the business model sizing? -7:29

To rearticulate and summarize...It seems like you feel like there’s no way to build a sort of trust and customer loyalty with a halfway strategy. It’s either everything is open source and very clear… You”re sort of like Red Hat. Everything is transparent and open source...maybe you’re selling insurance policy and support subscription and services OR you’re fully proprietary and it’s very clear what the relationship and the engagement is like where you buy the license and access to the product. It sounds like where you have a lot of resistance and are very critical is with companies who have open source core but have a lot of paid features around that open source core whether its delivered as cloud service or commercial extension. -10:23

I want to ask about your environment and the complexity of engaging your organization. A lot of start ups are building tools for cloud service consumption or maybe they’re building an API, but when working with your organization there’s a huge amount of complexity with all the on premise infrastructure, with all the “legacy integrations.” What are biggest words of wisdom/advice you would give small or young companies? Just to clarify, small is probably less than 1000 people since your organization is so large. What is the level of intensity that is needed in terms of understanding security? You mentioned air gap a couple of times, on premise infrastructure. Give us a sense of what startups and vendors serving you should be aware of when engaging your organization. -12:42

That you’re really driving just the pace of entry and reducing all the friction to serving your organization and engaging with DOD and U.S. Government. It sounds like the cycle times are shrinking in order to develop an engagement in a matter of weeks. If I’m hearing you correctly, it’s like two or three weeks now from what you’re building in this new program. If I reflect back, when selling software for different companies five or ten years ago, this was a matter of years. It would take one, two or even three years, in some cases, just to go through initial discussions, relationship development, contract approval, engagement and then maybe another year long POC. How did you accomplish this in one of the largest organizations in the world? What was the journey like to reduce the time to value for bringing new technology in? -16:22

That’s incredible. I want to thank you for you leadership and having you at the conference this year -20:15

Share your questions and comments below!

Top comments (0)