Dr. Melanie Rieback
CEO and Co-founder of Radically Open Security
Category of Humanitarian Benefit: Knowledge Sharing
Short Biography/Background of the Nominee: Dr. Melanie Rieback is the CEO/Co-founder of Radically Open Security, the world’s first non-profit computer security consultancy company. She is also a former Assistant Professor of Computer Science at VU who performed RFID security research (RFID Virus and RFID Guardian), that attracted worldwide press coverage, and won several awards (VU Mediakomeet, ISOC Award, NWO I/O award, IEEE Percom Best Paper, USENIX Lisa Best Paper). Melanie worked as a Senior Engineering Manager on XenClient at Citrix, where she led their Vancouver office. She was also the head researcher in the CSIRT at ING Bank, where she spearheaded their Analysis Lab and the ING Core Threat Intelligence Project.
For fun, she co-founded the Dutch Girl Geek Dinner in 2008. Melanie was named 2010 ICT Professional of the Year (Finalist) by WomeninIT, one of the 400 most successful women in the Netherlands by Viva Magazine (Viva400) in 2010 and 2017, one of the fifty most inspiring women in tech (Inspiring Fifty Netherlands) in 2016 and 2017, and the Most Innovative IT Leader by CIO Magazine NL (TIM Award) in 2017. Her company, Radically Open Security was also named the 50th Most Innovative SME by the Dutch Chamber of Commerce (MKB Innovatie Top 100) in 2016.
Project Name and Description: Melanie Rieback is a pioneer in the field of computer security. She advocates an open source and non-profit business model in a growing tech-industry which is focused more on profits and a 'black box' method of operating. To this end she founded Radically Open Security.Radically Open Security (ROS) is the world's first not-for-profit computer security consultancy company. It is prototyping an innovative new business model - using a Dutch "Fiscaal Fondswervende Instelling" (Fiscal Fundraising Institution) to provide a commercial front-end that sends 90% of its profits tax-free to a backend foundation (Stichting NLnet) that has supported open-source, Internet research, and digital rights organizations for almost 20 years. The other 10% of our profits will go to an employee profit-sharing scheme, in which the secretary accumulates profit-sharing rights as quickly as the CEO. Additionally, due to low management/overhead costs, ROS can afford to pay competitive wages to its computer security consultants. Its idealism fuels its growth. It helps ROS to hire idealistic A-list security experts, and to find like-minded customers who want to use their security budget as a "vote" to support socially responsible entrepreneurship.Through ROS Melanie Rieback is "hacking a new business model" for prototyping an ideal company - that optimizes for benefit to the world (customers, employees, society) as opposed to profit motive (shareholders, investors, founders). See https://radicallyopensecurity.com/business-model.htm and watch https://www.youtube.com/watch?v=QyeGbARlUyI
Key principles of ROS including sharing knowledge on how ethical hackers and security experts conduct security reviews and audits of client systems, applications and servers. Frustrated of being kept a 'black box' by security companies, ROS advocates a 'Peek-over-our-Shoulders' and 'Teach-to-fish' approach (see https://radicallyopensecurity.com/principles.htm). Clients from multinationals to NGO's can see and learn how security audits are conducted. Through 'Chatops and Pentext' ROS has created the option of allowing direct interaction between ROS' security experts and client teams (watch https://www.youtube.com/watch?v=8QzId2p0BmU).
Recently Melanie has also used the case of Radically Open Security to show how social enterprises can thrive.Through her new initiative Nonprofit Ventures Melanie is starting an incubator to inspire and help others to setup similar sustainable "not for profit businesses" in other industries.
Humanitarian Benefit: With her work of founding and running Radically Open Security(ROS) and now Nonprofit Ventures, Melanie is changing the business landscape. She shows how social enterprises can be successfull in profit- driven industries like computer security. 90% of the profits of ROS go to a foundation (Stichting NLNet) that supports open-source, internet research and digital rights organizations (see: https://nlnet.nl/). ROS helps not only large organizations but also several NGO's with improving their own computer security and giving them the tools and insights in how to to do it themselves. ROS does not take on sketchy projects that would for instance create mass surveillance systems (see https://radicallyopensecurity.com/principles.htm), but would instead help journalists in other parts of the world ensure their digital freedom.