A Shared Language for Supply Chain Security

In the world of technology, there are paradigms of language that arise organically and artificially over time. Necessity requires a shared mode of communication for ideas and as a result, descriptors, nouns, and technical designators are created and shared. The problem arises when certain words acquire a surfeit of meaning, so much so that they paradoxically become less meaningful. There are many examples of this but for our purposes, we’re going to look at “Supply Chain Security”.

Solorigate: A case study for why supply chain security is critical for governments and businesses

By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group

In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.

After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.

A Year of Growth and Opportunity: 2019 and a Look Ahead to 2020

By Steve Nunn, President and CEO, The Open Group

As we usher in the new decade, I would like to express my sincerest wishes for you – our valued Members, The Open Group global community, and staff – to enjoy much happiness and great success in 2020.

What a year it has been here at The Open Group! As I reflect on 2019 and consider what is to come in 2020, one thing is very clear – The Open Group is doing even more of what it does best – helping to solve real business problems through technology standards.

The Open Group Dublin 2019 – Event Highlights

The Open Group hosted its latest event in Croke Park in the vibrant city of Dublin, April 29 – May 2, welcoming attendees that included decision-makers, Enterprise Architects, engineers, technologists and end-users representing many businesses and governments. The theme of this event and a topic which ran through many of the speaker sessions was ‘Digital in Practice’, covering not only the emerging digital technologies but also the standards, architectures and business frameworks that support and enable the transition to, and implementation of, the modern Digital Enterprise.

The Open Group Scottsdale 2019 – Event Highlights

The Open Group hosted its latest event in the Scottsdale Plaza Hotel, Arizona, January 28 – 31, welcoming over 600 attendees including decision-makers, Enterprise Architects, engineers, technologists and end-users representing many businesses and governments. The theme was ‘Digital in Practice and the Supply Chain’, with a focus on the standards, architectures, and business frameworks that support and enable the transition to a modern Digital Enterprise.

The Open Trusted Technology Provider™ Standard (O-TTPS) – Approved as ISO/IEC 20243:2015 and the O-TTPS Certification Program

By The Open Group

The increase of cybersecurity threats, along with the global nature of Information and Communication Technology (ICT), results in a threat landscape ripe for the introduction of tainted (e.g., malware-enabled or malware-capable) and counterfeit components into ICT products. This poses significant risk to customers in the operation of their business enterprises and our critical infrastructures.

1 2 3 6