|
LOG IN |
|
 
|
US group aims to help secure the technology supply chain17 Dec 2010Source GCN A working group of US government, commercial and academic organizations has been formed to identify and promote best practices for securing the global technology supply chain from malicious activity. The Trusted Technology Forum is a product of the Acquisition Cybersecurity Initiative sponsored by the Defense Department and supported by the Open Group, an industry open standards body, to help define trustworthy acquisition policies and practices. “We’ve defined a Trusted Technology Provider Framework based on existing open standards and best practices,” said Andras Szakal, distinguished engineer at IBM and an Open Group board member. One of the requirements of the framework is that it be “grounded in reality” and based on practices already in use by organizations with mature supply chain security programs, he said. An initial version of the framework has been developed but not released. The forum’s first product is expected to be a white paper based on the framework outlining current best practices. The forum has defined supply a supply chain threat or attack as the subversion of hardware or software prior to delivery in order to put in a vulnerability for later exploit. Read more here |
  |
