Page 273 - Cyber Defense eMagazine RSAC Special Edition 2025

This awareness is critical as governmental agencies are the largest customers in the defense tech field,
            and they cannot acquire compromised software components.

            Another recommendation is to prioritize the implementation of cybersecurity, model weights security, and
            personnel security controls, which are likely to become the focus of coordinated global standards under
            emerging U.S. AI policy directions.



            Conclusions

            Open-source software often serves as the foundation for proprietary applications, and the defense tech
            industry is no exception. With the rising popularity of open-source AI, defense tech engineers are now
            leveraging these cutting-edge technologies to shape international security using new tools that remain
            relatively underexplored. This introduces unique challenges and risks that need careful attention.

            The key policymakers, U.S. state defense agencies like the Cybersecurity and Infrastructure Security
            Agency (CISA), the National Telecommunications and Information Administration (NTIA), and the Office of
            Science and Technology Policy (OSTP), are constantly gathering feedback from the industry for
            insights on how to shape emerging open-source and open-source AI policies.

            This is a great resource for educating defense tech developers, and businesses should prioritize it
            during the development cycle. Using development tools that generate the Software Bill of Materials
            and tracking the provenance of open-source AI dependencies is a crucial first step toward the
            transparency and cyber safety of defense tech applications.




            About the Author
            Yuliia Verhun is a technology & business lawyer from the IT industry. For
            over 10 years, Yuliia has been helping international startups with
            corporate structuring, operations, board governance, intellectual
            property & data protection in the EU, USA, and Middle East. As General
            Counsel, Yuliia led investment rounds for tech startups in the UAE and
            prepared Unicheck, an EdTech SaaS platform serving over a million
            end users, for large-scale public procurements in the U.S., and later, for
            a high-value M&A. These experiences reinforced her belief that
            transparent and secure software architecture is a strategic asset,
            consistently scrutinized during due diligence and procurement
            processes on the international stage. Yuliia is actively engaged in
            research at the intersection of open-source AI and cybersecurity, with a particular focus on applications
            in defense technology.

            Yuliia Verhun can be reached online at [email protected],
            https://www.linkedin.com/in/yuliia-verhun-general-counsel/ and at her company website:
            https://generalcounsel.verhun.com/.







