5 months, 26 days ago

Introducing The Open Group Open FAIR™ Risk Analysis Tool

Since late in 2016, The Open Group Security Forum have been collaborating with San Jose State University and Probability Management to develop a Risk Analysis tool that adheres to The Open Group Open FAIR™ Standard.

With a view to creating a tool that helps accelerate the adoption of the Open FAIR standard, the tool provides both experienced and novice risk practitioners with a practical and pragmatic tool to help analyse perceived risk in a consistent and simple to use way, whatever industry they work in. It is now ready and we are pleased to make it available to use and evaluate for free.

9 months, 19 days ago

New Security Architecture Practitioner’s Initiative

Organization leaders know they need cybersecurity, but 2017 has driven that point home with special force. Intelligence Agencies have shown that even the most secure targets are vulnerable, and the rapid proliferation of ransomware has demonstrated that damage can be crippling and come without warning.

The Security Architecture Practitioner’s Initiative is a joint effort of The Open Group Security Forum (a global thought leader in Enterprise Architecture) and The SABSA Institute (a global thought leader in Security Architecture) to articulate in a clear, approachable way the characteristics of a highly-qualified Security Architect.

10 months, 15 days ago

TIP of the Iceberg: Research Announcement on Threat Intel Platforms

A common feature in the threat intelligence platform (TIP) space is aggregation of data and providing an interface for managing threat intelligence — this seems to be where the product visions diverge. While many of these platforms have been arou…

11 months, 19 days ago

CSI: Your Network – Reconstructing the Breach

September 2017 was a busy month. Three major breach notifications in Deloitte, the SEC, and Equifax… and my first Wave dropped, coincidentally on Digital Forensics & Incident Response Service Providers. Following all this commotion, I had a client reach out and ask me how… How are investigators able to reconstruct digital crime scenes to identify […]

1 year, 1 month ago

You Deserve What You Tolerate…

After reading through some other blogs and strategy papers over the weekend, (Don’t judge me. To some of us, this activity constitutes a good time…Yes, lame…I know.) I saw what appeared to be an underlying theme across the narratives I’d read: Security tolerates failure. It’s understandable that it happens, but I think, if we are […]

1 year, 1 month ago

Cyber Disruption, State Government and the Constitution: A Conversation with Eric Sweden

In the digital age, whether an organization will experience a cyber disruption is not a question of “if” but “when?” Although disruptive events may be inevitable, they can be prepared for with some strategizing and planning.

1 year, 2 months ago

Applying Our Research To Black Hat 2017

I summarized RSA 2017 in the following way: It’s a bit like the supermarket, you’ll make far healthier choices if you stick to the outer aisles. Well, Las Vegas B-Sides, Black Hat, and DefCon are taking place this week and since these events differ in tone, audience, and participants, I’ve updated my advice: We’ve gone […]

2 years, 5 months ago

The Open Group London 2016 to Take Place April 25-28

By The Open Group The Open Group, the vendor-neutral IT consortium, is hosting an event in London, April 25-28. Following on from the San Francisco event earlier this year, The Open Group London 2016 will focus on how Enterprise Architecture … Continue reading

3 years, 1 month ago

The Open Group Baltimore 2015 Highlights

By Loren K. Baynes, Director, Global Marketing Communications, The Open Group The Open Group Baltimore 2015, Enabling Boundaryless Information Flow™, July 20-23, was held at the beautiful Hyatt Regency Inner Harbor. Over 300 attendees from 16 countries, including China, Japan, … Continue reading

3 years, 3 months ago

Using Risk Management Standards: A Q&A with Ben Tomhave, Security Architect and Former Gartner Analyst

By The Open Group IT Risk Management is currently in a state of flux with many organizations today unsure not only how to best assess risk but also how to place it within the context of their business. Ben Tomhave, … Continue reading