By John Linford, Forum Director, The Open Group, Security & Open Trusted Technology (OTTF)
The Open Group Open Trusted Technology Forum (OTTF) is pleased to announce the publication of Version 1.2 of the Open Trusted Technology Provider™ Standard (O-TTPS). The movement from Version 1.1.1 to Version 1.2 represents a deliberate review of the O-TTPS to ensure the requirements in it remain up to date and reflect learnings from industry and government.
By Ash Patel, Marketing Specialist. Recently we reached out to John Linford, Security & OTTF Forum Director, for The Open Group, to discuss his role, industry advice, updates within his Forum and lots more. Thank you again to John for his time and for giving us an expansive look into his Forum at large. Please see the full interview below:
In late July, The Open Group hosted an event bringing together speakers and practitioners from around the world to meet in Washington, DC at the historical Mayflower Hotel, and discuss some of today’s most vital topics in the area of security and resiliency.
With a focus on Zero Trust Architecture and Supply Chain Security, leaders from businesses including Microsoft, IBM, Micro Focus, and ServiceNow joined experts from public sector organizations like NIST and NASA, together with representatives from The Open Group itself, to explore how open standards are driving important developments and actionable insights in these important and developing topics.
On May 12, 2021, President Joe Biden issued the Executive Order on Improving the Nation’s Cybersecurity. This EO enumerates that “…the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.” The EO contains a significant level of detail regarding areas of improvement for federal IT systems, as well as policy responses to be implemented by the government in support of greater security for private and public IT systems. The EO mentions in some detail the shift to zero trust security as a part of what is needed to combat cyber threats, as well as increased reliance on enhanced supply chain security.
The Open Group, an international vendor- and technology-neutral standards and certification consortium, has been actively engaged in establishing a consistent and coherent vision of Zero Trust and Zero Trust Architecture across industry, academia, and governmental organizations for the last two years. In fact, The Open Group pioneered the underlying principles behind Zero Trust, under the aegis of the Jericho Forum® and the guidance that came from the Jericho Forum over the past two decades, including the Jericho Forum Commandments and Jericho Forum Identity Commandments.
In the world of technology, there are paradigms of language that arise organically and artificially over time. Necessity requires a shared mode of communication for ideas and as a result, descriptors, nouns, and technical designators are created and shared. The problem arises when certain words acquire a surfeit of meaning, so much so that they paradoxically become less meaningful. There are many examples of this but for our purposes, we’re going to look at “Supply Chain Security”.
By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group
In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.
After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.
By Steve Nunn, President and CEO, The Open Group
As we usher in the new decade, I would like to express my sincerest wishes for you – our valued Members, The Open Group global community, and staff – to enjoy much happiness and great success in 2020.
What a year it has been here at The Open Group! As I reflect on 2019 and consider what is to come in 2020, one thing is very clear – The Open Group is doing even more of what it does best – helping to solve real business problems through technology standards.
The Open Group hosted its latest event in Croke Park in the vibrant city of Dublin, April 29 – May 2, welcoming attendees that included decision-makers, Enterprise Architects, engineers, technologists and end-users representing many businesses and governments. The theme of this event and a topic which ran through many of the speaker sessions was ‘Digital in Practice’, covering not only the emerging digital technologies but also the standards, architectures and business frameworks that support and enable the transition to, and implementation of, the modern Digital Enterprise.
The Open Group hosted its latest event in the Scottsdale Plaza Hotel, Arizona, January 28 – 31, welcoming over 600 attendees including decision-makers, Enterprise Architects, engineers, technologists and end-users representing many businesses and governments. The theme was ‘Digital in Practice and the Supply Chain’, with a focus on the standards, architectures, and business frameworks that support and enable the transition to a modern Digital Enterprise.
By The Open Group
The increase of cybersecurity threats, along with the global nature of Information and Communication Technology (ICT), results in a threat landscape ripe for the introduction of tainted (e.g., malware-enabled or malware-capable) and counterfeit components into ICT products. This poses significant risk to customers in the operation of their business enterprises and our critical infrastructures.
By Loren K. Baynes, Director, Global Marketing Communications, The Open Group On Monday, April 25th, The Open Group London 2016 kicked off with an opening
The Open Trusted Technology Provider™ Standard (O-TTPS), a Standard from The Open Group for Product Integrity and Supply Chain Security, Approved as ISO/IEC International Standard
By Loren K. Baynes, Director, Global Marketing Communications, The Open Group The Open Group Baltimore 2015, Enabling Boundaryless Information Flow™, July 20-23, was held at
Following is the transcript of an Open Group discussion on ways to address supply chain risk in the information technology sector marketplace. Listen to the
Following is a transcript of part of the proceedings from The Open Group San Diego 2015 in February. The following presentations and panel discussion, which
By Jim Hietala, VP Security, and Andrew Josey, Director of Standards, The Open Group This is the third in our four part blog series introducing
By Sally Long, Forum Director, Open Trusted Technology Forum, The Open Group A First Line of Defense in Protecting Critical Infrastructure – A Technical Solution
By Allen Brown, President and CEO, The Open Group In early December, a technical problem at the U.K.’s central air traffic control center in Swanwick,
By Sally Long, Director of The Open Group Trusted Technology Forum (OTTF)™ In April 2013, The Open Group announced the release of the Open Trusted Technology
