One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an elusive objective when it comes to risk.
Joshua Brickman from CA Technologies gives context to recent testimony by The Open Group’s Dave Lounsbury in front of the House of Representatives Sub-Committee on Energy and Commerce. With security concerns around the global supply chain on the rise, Brickman details the Open Trusted Technology Forum (OTTF) with respect to building conformance criteria to give a level of “surety.” He also highlights the sessions to follow at the upcoming Open Group Cannes Conference.
The OTTF’s purpose is to shape global procurement strategies and best practices to help reduce threats and vulnerabilities in the global supply chain. I’m proud to say that we have just completed our first deliverable towards achieving our goal: The Open Group Trusted Technology Framework (O-TTPF) whitepaper.
Supply chain risk needs focus to be able to address the concern. If everything is “a supply chain risk,” then we can’t focus our efforts and hone in on a reasonable, achievable, practical and implementable set of practices that can lead to better supply chain practices for all, and a higher degree of confidence among purchasers.