Security shield

Sitting Down with John Linford- Security & OTTF Forum Director, The Open Group

Recently we reached out to John Linford, Security & OTTF Forum Director, for The Open Group, to discuss his role, industry advice, updates within his Forum and lots more. Thank you again to John for his time and for giving us an expansive look into his Forum at large. Please see the full interview below:

Please can you tell us how long you have been in your role and what you enjoy most about it?

I joined The Open Group in June 2019, coming from San Jose State University where I taught economics. While teaching, I contributed to creating the Open FAIR ™ Risk Analysis Process Guide, which served as my main introduction to The Open Group. I immediately fell in love with the engaging discussions involved in creating that Guide and working closely with industry experts to do so.

I still enjoy that aspect of my role the most – working with individuals so knowledgeable is incredibly rewarding when we can align on ideas and on how to present them. Getting to that alignment can be challenging, but it is never boring!

What has your journey with The Open Group been like so far?

My journey with The Open Group began with Open FAIR. I learned about the Standards to assist Security Forum Chair Mike Jerbic with a course he was teaching at San Jose State University while I was completing my master’s in economics. This led to my becoming Open FAIR Certified and eventually to me acting as primary author of the Open FAIR Risk Analysis Process Guide.

After a series of conversations with The Open Group President and CEO Steve Nunn, I was fortunate enough to then become Forum Director of both the Security Forum and the OTTF, and I have thoroughly enjoyed helping along the various projects and activities in these Forums.

I had the unusual experience of being in my role for only about 6 months before COVID-19 shut down travel and changed the way we work – just when I thought I had things figured out, I had to completely change my approach.

Are there any new updates within your Forum that you can share?

The Security Forum is working hard on updates to the Open FAIR Certification Program to ensure it aligns with the newest versions of the Open FAIR Standards. We are also making excellent progress on an initial Zero Trust Reference Model Snapshot and are considering “promoting” a couple existing documents to act as the basis for a Certification Program – this idea is in its very early stages, and we welcome input on it.

The Open Trusted Technology Forum is actively working to solicit feedback on the O-TTPS Certification Program from Certified Organizations. We intend to utilize this feedback to improve and/or clarify relevant documents. We are also beginning a collaboration project with the Security Forum to offer guidance on quantitative supply chain risk management, leaning on the

O-TTPS and Open FAIR Body of Knowledge.

Can you tell us about any exciting updates planned within your Forum?

Both the Security Forum and the OTTF are diligently working on updates to their respective certification programs (Open FAIR and O-TTPS, respectively).

The Security Forum is also now working on mapping its existing publications to describe how they work together and to identify where gaps occur. This will allow collaborations with other Work Groups and Forums of The Open Group as we work to fill these gaps and/or rectify divergent thinking. We expect these efforts to fit extremely well with efforts on the Digital Portfolio of Standards and foresee many opportunities for engaging conversations on security topics throughout The Open Group.

What are you most looking forward to for the year ahead?

Outside of seeing the launch of the updated Open FAIR and O-TTPS Certification Programs, returning to traveling and attending industry events has been extremely pleasant –it is hard to believe how much I missed having engaging conversations in person. I am greatly looking forward to attending and presenting at more events.

Is there any advice you can give for those looking to start in the industry?

Learn everything you can and don’t think you know it all – this is not a field that takes a break or slows down. Threat agents are constantly learning and evolving; technologies are constantly changing; and attacks are becoming more sophisticated. Participation in organizations such as The Open Group allows conversations with industry leaders who are keenly and actively following industry trends and changes and can offer unique perspectives on events as they unfold.

If you could give advice to your respective self before starting in your role, what would it be?

Embrace templates and take the time to make and/or revise them as you notice repeat tasks. Creating a detailed Project Charter that is consistent across efforts allows work streams to begin far more efficiently and ensures participants are aligned not only on the project concept but on the goals and methods that will be used for success. Taking a bit more time at the beginning of these efforts results in work occurring far more quickly when it does get going.

Ash Patel, Marketing Specialist, joined The Open Group in 2020, initially working in the Certification Team as a Certification Services Agent, before moving into the Marketing Team where he now works on digital communications, content for the staff intranet (O-Zone), SEO (Search Engine Optimization), and analytics. Ash holds a First-Class Bachelor’s Degree in Media Production (BA hons) from Coventry University and has a background in content writing, copy writing, script writing, photo editing, and video editing. He is based in the UK.