Applying EA Frameworks to Enhance Cybersecurity
How can organisations effectively apply Enterprise Architecture frameworks to enhance…
Aggregated enterprise architecture wisdom
How can organisations effectively apply Enterprise Architecture frameworks to enhance…
By John Linford, Forum Director, The Open Group, Security & Open Trusted Technology (OTTF)
The Open Group Open Trusted Technology Forum (OTTF) is pleased to announce the publication of Version 1.2 of the Open Trusted Technology Provider™ Standard (O-TTPS). The movement from Version 1.1.1 to Version 1.2 represents a deliberate review of the O-TTPS to ensure the requirements in it remain up to date and reflect learnings from industry and government.
By Ash Patel – Marketing Specialist, The Open Group
Recently we reached out to Joanne Woytek (Program Director for the NASA SEWP Program), to discuss her role as a Governing Customer Member Representative for The Open Group Governing Board.
At the time of writing we are heading into Christmas, we’ve just started the traffic light system, we are getting our vaccine passports, and there are new variants of Covid spreading. Spammers and scammers take advantage of events like these (and the confusion and anxiety that comes with them) to rip us off. So do […]
Last week, The Open Group Open Digital Standards October 2021 brought together organizations and speakers from across the world to discuss how the cross-industry development of open standards is helping businesses become digital-first. The global event was hosted in Brazil, China, India, Japan, South Africa, United Kingdom, and the United States. The event commemorated The Open Group 25th anniversary – acknowledging and reminiscing the remarkable achievements in the technology standards arena. Over 2,600 attendees from more than 100 countries gathered virtually to to share in the celebration and learn more about open technology standards.
On May 12, 2021, President Joe Biden issued the Executive Order on Improving the Nation’s Cybersecurity. This EO enumerates that “…the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.” The EO contains a significant level of detail regarding areas of improvement for federal IT systems, as well as policy responses to be implemented by the government in support of greater security for private and public IT systems. The EO mentions in some detail the shift to zero trust security as a part of what is needed to combat cyber threats, as well as increased reliance on enhanced supply chain security.
Nikhil Kumar, ZTA Working Group Co-Chair & President, Applied Technology Solutions, Inc. Mark Simos, ZTA Working Group Co-Chair & Lead Cybersecurity Architect, Microsoft Altaz Valani,
By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group
In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.
After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.
The Open Group Security Forum is thrilled to announce the publication of an update to the Open FAIR™ Body of Knowledge (BoK). The Open FAIR BoK is comprised of The Open Group Risk Taxonomy (O-RT) Standard and The Open Group Risk Analysis (O-RA) Standard. The Open Group initiated a standards effort regarding FAIR ~10 years ago, and these standards define the official, open, vendor-neutral and consensus-developed definition of FAIR.
This blog post is the third of three in a series to describe updates to the Open FAIR™ Body of Knowledge. It will describe specific updates to O-RT to bring it to Version 3.0. The first post described revisions made to both O-RA and O-RT for consistency between the documents; the second post described specific updates to O-RA to bring it to Version 2.0.
I’ve heard a few people in different organisations mention that they weren’t worried about ransomware because they could just restore from backup. If only it were that easy! CERT NZ and the US Cybersecurity & Infrastructure Security Agency have recently warned about increases in cases of the RYUK ransomware (specifically affecting the healthcare industry). This […]
I am participating on an Evanta panel on November 2nd titled “Looking to the Future – Lessons Learned from 2020“. In May, I did a talk on the early days of our pandemic response which you can see here: Pandemic Response Keynote – Smart Com…
Schneider Electric, the leader in digital transformation of energy management and automation, and Aramco, the world’s pre-eminent integrated energy and chemicals company that drives global commerce and enhances the daily lives of people around the globe, today announced they have signed a memorandum of understanding to collaborate on assessing emerging technologies based on The Open Group Open Process Automation™ Standard (O-PAS). Testing will take place at a new built-for-purpose test bed in the Saudi Schneider Electric Innovation and Research Center in Dhahran Techno Valley, Saudi Arabia.