Solorigate: A case study for why supply chain security is critical for governments and businesses

By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group

In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.

After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.

The Open Group to Hold Upcoming Event in Singapore

The Open Group, the vendor-neutral technology standards consortium, is hosting its upcoming event in Singapore, October 29 – November 1, 2018. The Open Group Singapore 2018 will bring together vendors and end user organizations to discuss the development of standards-based and interoperable architecture. The event will focus not only on emerging digital technologies, but also on the standards, architectures and business frameworks that support and enable the transition to and implementation of the modern Digital Enterprise.

New Security Architecture Practitioner’s Initiative

Organization leaders know they need cybersecurity, but 2017 has driven that point home with special force. Intelligence Agencies have shown that even the most secure targets are vulnerable, and the rapid proliferation of ransomware has demonstrated that damage can be crippling and come without warning.

The Security Architecture Practitioner’s Initiative is a joint effort of The Open Group Security Forum (a global thought leader in Enterprise Architecture) and The SABSA Institute (a global thought leader in Security Architecture) to articulate in a clear, approachable way the characteristics of a highly-qualified Security Architect.

Making Standards Work for e-Government at The Open Group Ottawa conference, July 17-20, 2017

The Open Group Ottawa 2017 Highlights

The aim of this event was to unite practitioners and industry experts to discuss achievements, lessons learned and looming issues in e-Government. The theme, “Making Standards Work® e-Government” looked at the e-Society, e-Technology and e-Management viewpoints –federal, provincial, municipal and NGOs. Emphasis was on how techniques such as Enterprise Architecture and Business Design and standards such as TOGAF® and ArchiMate® are acting as a foundational core for enterprise transformation.
Topics include: issues surrounding business transformation, business analysis, information sharing, e-health, privacy and cyber-security. In addition, the strategic execution and the application of emerging technologies and management techniques to e-Government will be the subject of presentations by global experts.

1 2 3 7