In the world of technology, there are paradigms of language that arise organically and artificially over time. Necessity requires a shared mode of communication for ideas and as a result, descriptors, nouns, and technical designators are created and shared. The problem arises when certain words acquire a surfeit of meaning, so much so that they paradoxically become less meaningful. There are many examples of this but for our purposes, we’re going to look at “Supply Chain Security”.
Tag: Supply Chain Security
Solorigate: A case study for why supply chain security is critical for governments and businesses
By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group
In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.
After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.
The Open Trusted Technology Provider™ Standard (O-TTPS) – Approved as ISO/IEC 20243:2015 and the O-TTPS Certification Program
By The Open Group
The increase of cybersecurity threats, along with the global nature of Information and Communication Technology (ICT), results in a threat landscape ripe for the introduction of tainted (e.g., malware-enabled or malware-capable) and counterfeit components into ICT products. This poses significant risk to customers in the operation of their business enterprises and our critical infrastructures.
Securing Business Operations and Critical Infrastructure: Trusted Technology, Procurement Paradigms, Cyber Insurance
Following is the transcript of an Open Group discussion on ways to address supply chain risk in the information technology sector marketplace. Listen to the
New Accreditation Program – Raises the Bar for Securing Global Supply Chains
By Sally Long, Director of The Open Group Trusted Technology Forum (OTTF)™ In April 2013, The Open Group announced the release of the Open Trusted Technology
Developing standards to secure our global supply chain
By Sally Long, Director of The Open Group Trusted Technology Forum (OTTF)™ In a world where tainted and counterfeit products pose significant risks to organizations, we see