Security Forum Completes Third & Final Phase of Risk Management Project: Cookbook for ISO/IEC 27005:2005

We created the Cookbook for ISO/IEC 27005:2005 for anyone tasked with selecting, performing, evaluating, or developing a risk assessment methodology. I can say with confidence that we have met our goals in creating comprehensive and needed guidance an…

PODCAST: Impact of Security Issues on Doing Business in 2011 And Beyond

Listen to our recorded podcast on how enterprises need to change their thinking to face cyber threats, or read the transcript. The podcast was recorded by Dana Gardner of Interarbor Solutions at The Open Group Conference, San Diego 2011.

A First Step in Securing the Global Technology Supply Chain: Introducing The Open Group Trusted Technology Provider Framework Whitepaper

The OTTF’s purpose is to shape global procurement strategies and best practices to help reduce threats and vulnerabilities in the global supply chain. I’m proud to say that we have just completed our first deliverable towards achieving our goal: The Open Group Trusted Technology Framework (O-TTPF) whitepaper.

Open Group conference next week focuses on role and impact of enterprise architecture amid shifting sands for IT and business

The Open Group Conference, San Diego: I’ve found these conferences over the past five years an invaluable venue for meeting and collaborating with CIOs, enterprise architects, standards stewards and thought leaders on enterprise issues. It’s one of the few times when the mix of technology, governance and business interests mingle well for mutual benefit.

What’s the future of information security?

Today, Jan. 28, is Data Privacy Day around the world, and a time to think about organizational and global challenges relating to data security. What is your organization’s primary cybersecurity challenge? Take our poll and read on to learn about some of The Open Group’s resources for security professionals.

The Trusted Technology Forum: Best practices for securing the global technology supply chain

Supply chain risk needs focus to be able to address the concern. If everything is “a supply chain risk,” then we can’t focus our efforts and hone in on a reasonable, achievable, practical and implementable set of practices that can lead to better supply chain practices for all, and a higher degree of confidence among purchasers.

Security & architecture: Convergence, or never the twain shall meet?

Can the disciplines of architecture and information security do a better job of co-existence? What would that look like? Can we get to the point where security is truly “built in” versus “bolted on”?

Cybersecurity in a boundaryless world

The core dilemma in public cybersecurity: Balancing boundarylessness and data security. The solution isn’t easy, but long-term, it lies in not relying on the security of the pipes or the perimeter, but improving the trust and security of the data itself. Security needs to be associated with data and people, not the connections and routers that carry it.