The Kübler-Ross Model of open source security evolution suggests that organizations go through five stages: Denial, Anger, Bargaining, Depression, and Acceptance, as they come to terms with the extent of their reliance on open source software. To effectively embrace this role, Open Source Program Offices (OSPOs) need to bring security expertise into their teams, participate in forums like the Open Source Security Foundation's "End User" working group, and start thinking about software bill of materials (SBOM). This includes hiring or bringing in security experts, using tools like Snyk's dev-first tooling for one-click fixes for vulnerable dependencies, and starting to prioritize open source security in their development, build, and deployment processes.