Solorigate: A case study for why supply chain security is critical for governments and businesses

By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group

In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.

After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.

Reflections on 2020 and Looking Ahead to 2021

By Steve Nunn, President and CEO, The Open Group

Happy New Year everyone!

Firstly, I hope that you, your family, and friends, have been able to stay safe during these trying times. So many around the world have lost so much in this COVID-19 pandemic which clearly will be with us for some time yet. We must, however, be heartened by the unprecedented speed with which vaccines have been developed. The delivery and administration of these vaccines has only just begun, of course, but we have good reason to be optimistic about the coming months.

Open Trusted Technology Provider™ Standard (O-TTPS) Version 2.0 Update Project

The Open Group Open Trusted Technology Forum (OTTF) is pleased to announce that it is initiating a project to update the Open Trusted Technology Provider™ Standard (O-TTPS), a standard of The Open Group, Parts 1 and 2 to Version 2.0.  The O-TTPS V2.0 Update Project will seek to update Parts 1 and 2 of the O-TTPS to reflect learnings from organizations that have successfully certified products against the standards as well as the work done by government organizations in the area of supply chain security.

TOGAF® 9 Certification Passes 100,000 Milestone!

The Open Group is very pleased to announce the number of individual certifications worldwide in the TOGAF® 9 certification program has passed the major milestone of 100,000.

TOGAF 9 certification is the trusted vendor-neutral and globally recognized certification for the TOGAF Standard, the open Enterprise Architecture standard used by the world’s leading organizations to improve their business efficiency.

TOGAF® CERTIFICATION MILESTONE – SOON TO REACH 100K GLOBALLY

The number of individuals certified in the TOGAF® Certification Program as of May 2020 is growing rapidly and about to surpass 100,000 – currently standing at 98,900. This includes certified individuals from 149 countries, with the most certifications awarded in the UK, USA, India, Netherlands, and Australia.

The TOGAF Standard, a standard of The Open Group, is a proven Enterprise Architecture (EA) methodology and framework, used by the world’s leading organizations to improve business efficiency. Representing a Body of Knowledge from world-leading practitioners, the latest TOGAF Standard, Version 9.2 is universally known as industry best practice.

The Interesting Case of Who’s Using the IT4IT™ Standard – Part One – The Banking and Insurance Sectors

The Open Group IT4IT™ Reference Architecture, a standard of The Open Group, is a value chain-based standard reference and operating model for managing the business of IT. It creates a model of the functions that IT performs to help organizations identify the activities that contribute to business competitiveness.

It supports real-world use-cases driven by the Digital Economy such as, Cloud-sourcing, Agile, DevOps, and service brokering, and is designed for existing landscapes, and accommodates future IT paradigms, making it ideal for Digital Transformation projects.

1 2 3