By Ash Patel – Marketing Specialist, The Open Group
Recently we reached out to Joanne Woytek (Program Director for the NASA SEWP Program), to discuss her role as a Governing Customer Member Representative for The Open Group Governing Board.
Category: Supply Chain Security
A Shared Language for Supply Chain Security
In the world of technology, there are paradigms of language that arise organically and artificially over time. Necessity requires a shared mode of communication for ideas and as a result, descriptors, nouns, and technical designators are created and shared. The problem arises when certain words acquire a surfeit of meaning, so much so that they paradoxically become less meaningful. There are many examples of this but for our purposes, we’re going to look at “Supply Chain Security”.
Solorigate: A case study for why supply chain security is critical for governments and businesses
By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group
In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.
After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.
Welcome to our New VP & CTO – Andras Szakal
The Open Group is proud to announce that Andras Szakal will be taking the role of Vice President and Chief Technology Officer. He will be responsible for leading the company’s technical strategy and strategic technical vision for evolving standards.
Open Trusted Technology Provider™ Standard (O-TTPS) Version 2.0 Update Project
The Open Group Open Trusted Technology Forum (OTTF) is pleased to announce that it is initiating a project to update the Open Trusted Technology Provider™ Standard (O-TTPS), a standard of The Open Group, Parts 1 and 2 to Version 2.0. The O-TTPS V2.0 Update Project will seek to update Parts 1 and 2 of the O-TTPS to reflect learnings from organizations that have successfully certified products against the standards as well as the work done by government organizations in the area of supply chain security.