IT security

2 years, 10 months ago

Solorigate: A case study for why supply chain security is critical for governments and businesses

by

By Jim Hietala (VP, BD and Security), Andras Szakal (VP and CTO), John Linford Security and OTTF Forum Director) – The Open Group

In potentially the most damaging cyber-supply chain attack ever, a leading IT systems management vendor became the latest hi-tech company to suffer a major cybersecurity breach with wide-reaching consequences. The malware that caused the attack has been dubbed SUNBURST by Microsoft and code-named Solorigate by FireEye, the security consulting firm that uncovered the breach after falling victim to it late last year.

After successfully infiltrating the development environment, attackers were able to observe and learn how to subvert the vendor’s development and operations pipeline. Hackers were then able to maliciously taint the vendor’s product by planting a sophisticated trojan. Once the software, which required broad systems access, was installed in customers’ environments, the attackers were able to leverage the tainted software to exfiltrate sensitive information from within an organization’s network.

5 years, 1 month ago

The Open Group to Hold Upcoming Event in Singapore

by

The Open Group, the vendor-neutral technology standards consortium, is hosting its upcoming event in Singapore, October 29 – November 1, 2018. The Open Group Singapore 2018 will bring together vendors and end user organizations to discuss the development of standards-based and interoperable architecture. The event will focus not only on emerging digital technologies, but also on the standards, architectures and business frameworks that support and enable the transition to and implementation of the modern Digital Enterprise.

5 years, 11 months ago

New Security Architecture Practitioner’s Initiative

by

Organization leaders know they need cybersecurity, but 2017 has driven that point home with special force. Intelligence Agencies have shown that even the most secure targets are vulnerable, and the rapid proliferation of ransomware has demonstrated that damage can be crippling and come without warning.

The Security Architecture Practitioner’s Initiative is a joint effort of The Open Group Security Forum (a global thought leader in Enterprise Architecture) and The SABSA Institute (a global thought leader in Security Architecture) to articulate in a clear, approachable way the characteristics of a highly-qualified Security Architect.

6 years, 3 months ago

Open SIPMath™ Standard for Managing Unpredictable Risks

by

The ability to manage calculations and make more accurate predictions about uncertainty for risk management is now accessible to anyone with a common spreadsheet through the use of the open SIPMath™ Standard, which allows users to perform arithmetic on uncertainties for better outcomes.

6 years, 4 months ago

The Open Group Ottawa 2017 – Event Highlights

by

The Open Group hosted over 300 attendees from 17 countries July 17 – 20 for the ‘Making Standards Work® e-Government’ event at the Shaw Centre in Canada’s beautiful capital city, Ottawa. It was a wonderful time to be in the country as Canada is celebrating its 150th anniversary!

8 years, 5 months ago

Using Risk Management Standards: A Q&A with Ben Tomhave, Security Architect and Former Gartner Analyst

by

By The Open Group IT Risk Management is currently in a state of flux with many organizations today unsure not only how to best assess risk but also how to place it within the context of their business. Ben Tomhave, … Continue reading

8 years, 7 months ago

Survey Shows Organizations Are Experiencing an Identity Crisis When it Comes to IT Risk Management

by

By Jim Hietala, VP, Business Development & Security, The Open Group Last fall, The Open Group Security Forum fielded its first IT Risk Management Survey in conjunction with the Society of Information Risk Analysts (SIRA) and CXOWARE The purpose of … Continue reading

8 years, 7 months ago

Risk, Security and the Internet of Things: Madrid 2015 Preview

by

By Jim Hietala, Vice President, Business Development & Security, The Open Group The Internet of Things (IoT) is a fast evolving phenomenon. From smartphones and tablets to connected cars and industrial control systems, the number of IoT devices is continuing … Continue reading

8 years, 8 months ago

Enabling the Boundaryless Organization the Goal of The Open Group Madrid Summit 2015

by

The Open Group, the global vendor-neutral IT consortium, is hosting its latest event in Madrid April 20 – 23 2015. The event is set to build on the success of previous events and focus on the challenge of building a … Continue reading

8 years, 8 months ago

Cybersecurity Standards: The Open Group Explores Security and Ways to Assure Safer Supply Chains

by

Following is a transcript of part of the proceedings from The Open Group San Diego 2015 in February. The following presentations and panel discussion, which together examine the need and outlook for Cybersecurity standards amid supply chains, are provided by … Continue reading

9 years, 1 month ago

Open FAIR Blog Series – Five Reasons You Should Use the Open FAIR Body of Knowledge

by

By Jim Hietala, VP, Security and Andrew Josey, Director of Standards, The Open Group This is the second in our blog series introducing the Open FAIR Body of Knowledge. In this blog, we provide 5 reasons why you should use … Continue reading