It’s my pleasure to present a brand new initiative within the Umbraco Community; our first-ever Security & Privacy Team. With turmoil in the world, a cyberattack every 39 seconds, and increased regulation as a response, it’s getting harder for digital agencies to navigate. With this team of very skilled and dedicated Umbraco friends, we hope to be able to assist you in staying secure and compliant.
#H5YR to A LOT of awesome applicants
Back in June, the week before Codegarden, we presented the idea of a new community team focused on Security & Privacy. We are facing a world with more cyberattacks, and more costly breaches - leading to a world where the gap between organizations that are able to make themselves cyber-resilient and those that cannot is growing.
As an Open Source CMS provider with a broad reach, we believe we can make an impact through our community, and one of the very successful ways we’ve done that in recent years is through community teams. Teams made up of skilled community members with various backgrounds that work together on a specific topic - and specifically for this team: Security & Privacy.
It’s impressive how many knowledgeable and engaged people we see in our community, so you should know, that selecting the right team hasn’t been easy. We’ve aimed for a diverse team of skilled professionals, both technical and business-wise and tried to ensure that we cover both security and privacy. And I think we’ve nailed it. Please welcome the new Security & Privacy Team.
Zoja Antuchevic
Currently, as the CEO and Partner of SolutionLab, I oversee the operations of an organisation that leverages IT as an enabler of innovation for businesses. With over 15 years of experience in IT Security, I have successfully increased SolutionLab's market share by becoming a trusted partner in solving clients' challenges, repositioning SolutionLab as a recognised and credible industry player.
In addition to my role at SolutionLab, I am proud to be a member of the Association „LYDERĖ", dedicated to empowering women to reach their full potential. I also serve on the board of Women4Cyber and the Chair the Board at KSEA, an independent association of cybersecurity experts. My commitment to promoting gender diversity and supporting women's representation in cybersecurity is unwavering. As an EU CyberNet expert, I am dedicated to driving innovation and excellence in the field of cybersecurity.
Anna Bastron
I have got over a decade of hands-on experience in web development and 6 years in solution architecture, where my focus has been on designing architecture and defining technical requirements for complex web solutions.
Throughout this journey, I have worked with various technology stacks and platforms, but the privacy & security aspect has always remained one of the top priorities: starting from designing systems that comply with regulations to passing audits and collaborating with security companies on pen testing. So I simply couldn't miss my chance to join a team of professionals who are as passionate about security as I am and willing to make an impact.
Simone Chiaretta
As a government institution, we are continuously target of cyber attacks, therefore we have very strict security and data protection regulations in place. We do periodic security testing and we spend a lot of time making sure our systems are secure and safe from attacks.
I decided to apply to the Security and Privacy Team because I want to be able to share all our internal knowledge with the community and help implement an even more secure Umbraco core.
I've been a long-time Umbraco developer, since 2010, and I'm currently the Coordinator of the Umbraco competence center at the Council of the European Union, where we help various teams in the organisation to implement Umbraco solutions in the best effective and maintainable way. During the last 10 years, I slowly introduced Umbraco in our organisation and we are now running 7 systems in production, ranging from standard CMS sites to headless implementation and even games.
Before working at my current company I worked for 14 years in other agencies, always dealing with CMS, and even building our own CMS back in the '00s.
I've also been multiple times a speaker at Codegarden and other Umbraco and technical conferences, a member of the previous unicore team, a published author, and 6 times Microsoft MVP.
Steven Harland
I decided to put myself forward for this team because I think the Umbraco community is one of the best tech communities out there (if not *the* best!) and I wanted to give something back.
Over the years I've carried out security research focused around the Umbraco CMS, disclosed multiple security vulnerabilities, and given talks at various meetups. I'm excited to continue these efforts, now as part of a team, to help ensure the continued security of the CMS and its users.
My background is in software development and I started developing Umbraco websites and apps back in 2013. Around 2019 was when I reported my first security vulnerability to Umbraco HQ and it was at this time I decided to make the jump into a career in cyber security.
My main focus for the last few years has been on penetration testing and consultancy, but I have also gained experience in other areas such as security operations, engineering, and incident response.
I am passionate about software development and security and hope that my experience across both industries can help to make a difference in the community.
Alan Mac Kenna
I’m passionate about protecting people's privacy and in today's digital landscape safeguarding users' personal data is an essential ingredient to preserving privacy. The new community Security & Privacy team presents a unique opportunity to contribute to an important intersection of domains supporting this goal for a product and community that I hold in high regard.
I’m really enthusiastic about what a team focused on this objective can achieve with the support of Umbraco and its community. In contributing to this team, my aim is to bring a ‘privacy by design’ perspective, learn from the team and the community and have a little fun along the way!
My background is in software engineering with 20 years of experience delivering solutions across retail, grocery, insurance and recruitment sectors, often involving a CMS component, which kicked off my journey with Umbraco starting in 2008. As the collection and use of data by tech products exploded I developed a passion for designing solutions to reduce privacy harms. Today my role focuses on ensuring compliance with privacy regulations across multiple jurisdictions and supporting development and information security teams in engineering products to meet privacy goals.
Joe Kepley
Prior to starting Blend, I worked in financial IT as a development manager in charge of a credit card services website. This taught me a lot about secure development, as well as how big businesses secure and manage sensitive information. Blend has gone on to serve data-sensitive clients like banks, asset management firms, government agencies, and hospital systems for the past 19 years. This has required us to continually evolve and improve our security and privacy best practices.
As we work to innovate and build incredible new features, it would be simple to lose sight of the fact that for software to be truly friendly and useful, it has to be safe and secure. I'm excited to be able to give back to the Umbraco community by helping to use my background in enterprise IT to help the Umbraco community.
Liam Laverty
Digital privacy & security are two of the most important issues facing software developers, especially in the CMS domain. I've got a good amount of industry experience inside and outside of Umbraco, including in data-sensitive industries. I felt I had a unique perspective to offer the team.
I have 15 years of professional software development experience, 10 of which have been working with Umbraco CMS. I've worked with the award-winning Intelligent Mobile to deliver large e-commerce Umbraco sites, where security & privacy were a top concern. Following my time at Intelligent Mobile, I've worked in the financial services industry creating KYC & AML (Know Your Customer & Anti Money Laundering) automation software. I now run Etive Mòr Ltd, providing 3rd-party contracting services to Umbraco Platinum partners, and sustainability-focused startups.
Jamie Townsend
I wanted to join the Security and Privacy team as a way to give back to Umbraco and the community as well as the opportunity to work alongside HQ and the incredible other Security and Privacy team members was too much of a fantastic opportunity to turn down.
I'm the Principal Backend Engineer at Shout Digital, I have been a developer for 20 years, using Umbraco for the past 6 years in various positions. I am also currently an Umbraco Master.
And from HQ
The team will be joined by Mathias Tøndering, Bjarke Berg and myself, Lasse Fredslund.
Mathias is responsible for the internal IT, security- and privacy operations at Umbraco and often involved in tender evaluations and compliance-related tasks with our customers.
Bjarke is heading up the CMS and is involved with the development of Umbraco on a daily basis. He is also responsible for security issues related to the CMS and the one facilitating the CVSS scoring of issues.
I am the product owner in the CMS Group and look forward to seeing how we can support and promote good, secure and compliant web development within the community and in the products we develop at HQ.
Written by: Lasse Fredslund
Published: August 9, 2024