Jay White Board Spotlight graphic

OASIS Board Member Spotlight Series: Q&A with Jautau “Jay” White, Ph.D.

The OASIS Board of Directors are integral to the organization's success. Read our Q&A to gain a better sense of who they are and why they serve the OASIS community.

Meet Jautau “Jay” White, Ph.D., an accomplished leader with a strong focus on people and teamwork. With two decades of experience, he specializes in building top-notch teams and programs that enhance information security and cybersecurity while reducing risks and ensuring compliance. His expertise spans AI/ML vulnerabilities, supply chain security, data privacy, cybersecurity, and more.

What can you tell us about your current role?
At Microsoft, my role involves supply chain security and open source strategy work. My main function is to be the subject matter expert on cybersecurity and information security matters, and take that knowledge and use it to communicate internally to extrapolate ideas, initiatives, and strategies that can be worked on in a collaborative environment such as open source. 

A large part of my job is going out into the open source ecosystem to see what communities are already in place and to help build communities around work that’s for the betterment of mankind. I seek out opportunities that align with Microsoft’s ongoing projects, identifying areas where Microsoft wants to invest its efforts and finding where those efforts are already underway. We initiate projects within Microsoft and leverage open source collaboration to crowdsource innovative solutions from open source communities. I bring those insights back to Microsoft, advocating for the adoption of these solutions, saying “This is already being done, why don’t we use this?” or “Why don’t we get involved with that?” That’s a large part of my job. I love what I do mainly because it takes everything I’ve learned throughout my entire career to do it.

What inspired you to join the OASIS Board?
I love standards, specs, and policies. Having had a hand in writing standards and then using them throughout my entire career, joining the OASIS Board was an excellent opportunity. One of the things I think that I liked most was the fact that I had to run for the board seat. I campaigned and talked to community members and staff; I really put myself out there and I enjoyed that immensely.

I love what OASIS does in terms of the international community. I love its recognition. There are so many specs and technologies that are being used today that people don’t even know originated in OASIS and I just love that I get a chance to be part of it.

Prior to serving on the OASIS Board, were you involved in open source or open standards? 
For the past few years, I’ve been involved with the Linux Foundation, especially their Open Source Security Foundation (OpenSSF) project. I currently sit on OpenSSF’s Technical Advisory Council (TAC) and I lead a few working groups and special interest groups there as well. Getting involved with OASIS was the next evolution. OASIS does such an amazing job bringing standards and specs to market. I’ve always felt that I want to be involved in this part, because the regulatory part is where I thrive.

What skills and expertise do you bring to the OASIS Board and how do you hope to make an impact?
I bring extensive cyber and security knowledge. Unlike many individuals who specialize in one area for the entirety of their careers, I’ve navigated through many roles inside of cyber and information systems. I’ve been a network engineer, a systems admin, a desktop support engineer, and a penetration tester. Also, I’ve done physical security assessments, admin security assessments, and I’ve installed firewalls. I have a software engineering degree, so I’ve written programs. There are so many different places that I’ve touched throughout my entire career across government, healthcare, finance, and professional services sectors. My experiences have enabled me to approach situations from different vantage points and engage meaningfully in conversations. I’m excited to learn about emerging standards and specs from diverse industries.

Why are you passionate about the OASIS mission to advance technology through global collaboration?
Global collaboration is key. I spent my last few years working in open source, and it’s so important to work collaboratively. I coined the phrase, “strategically competing through partnership and collaboration.” A lot of these major companies are competitors in nature, but there’s so much out there right now that is affecting every single one of our businesses at the same time, that we have to come together to build these standards, technologies, controls, and safeguards so that our joint customer base remains safe. Trust is huge and our customers have to trust each and every one of us equally.

What sets OASIS apart from other organizations that you’ve worked with in the past? 
The way OASIS is constructed around Technical Committees and Open Projects is still relatively new to me. I think where OASIS shines is how standards get created and brought to market. That’s the niche.

What would you say to companies that want to bring their projects to OASIS?
It would totally be dependent on what that company wanted. If they want to create a spec or a standard around a tool that’s being created, I would definitely say go to OASIS.

Do you have an impact story about your work in open source or open standards?
I take great pride in establishing a Diversity Equity and Inclusion (DEI) working group in the OpenSSF where there wasn’t one before. Additionally, I’m proud of the AI work that I’ve been able to bring to Microsoft.

At OASIS, I’m excited to be one of the founding members of the OpenEoX Technical Committee alongside Omar Santos. I’m extremely excited about OpenEoX’s potential; I think it’s going to be huge in the industry because there isn’t a standard for end-of-life and end-of-support. There’s nothing out there that allows customers to understand when new releases are coming in, when they’re going out, and how things are deprecated. Having been a part of OpenEoX since its inception and participating in the initial meetings thus far has been incredibly fulfilling.

Can you tell me about any exciting changes or trends in open source and standards?
The AI space is extremely large and there’s so much room to play in it. I don’t want us to get consumed by one area over the other. There are so many different specs and standards that can be created and I want us to be open to all the possibilities and open to the entire knowledge space.

Where do you see standards going in the future?
I see standards becoming more prevalent with respect to these different government regulations coming in. We have more and more regulatory requirements coming out that are beginning to drive standards, for example the EO from the White House, the EU’s Cyber Resilience Act (CRA), and a policy that’s coming out in Germany. I can see that gap closing where you’ll have a standard that could even drive a regulatory requirement at some point which will be something weird to see.

What’s a fun fact about you?
I ride motorcycles and I like to work on cars and bikes. More than anything, I enjoy getting under the hood of a car or lifting the bike up and taking it apart and putting it back together.