I disagree, OSS is an opportunity to Fortify. The implication is that the Tories didn't include ensuring the security of OSS in their plans. What Fortify should want is
Gov use OSS
Gov need security assurance
Gov purchase Fortify s/w.
Gov Fortify against the source code - something they can only do with OSS.
Given that you can't outsource accountability, any org that wants to ensure security of OSS must buy the Fortify product.