Zero Trust Architecture

Supply Chain Security

Washington, DC | July 25-27, 2022

Event Location

The Mayflower Hotel
1127 Connecticut Avenue, NW, Washington, DC, 20036
 
Hotel cutoff date: July 8, 2022
You can use this link to book your hotel room at the group rate of $225
 
Hotel reservations are on a first-come first-served basis.
You can also contact the hotel directly to make a reservation at US toll free number: +1-877-212-5752
 

About the Event   

July 25-26, 2022

Zero Trust Architecture

Zero Trust and Zero Trust Architecture (ZTA) represent a fundamental shift  in security from implicit permissions to explicit permissions.
This means organizations, whether public or private, are changing from allowing those inside a “secure” network to have access to assets whenever
(implicit trust) to instead verifying the identity of those seeking access (explicit trust), allowing access only as needed by those who need it
when they need it. This is a shift from a perimeter-centric approach to an asset-centric approach. Zero Trust brings security to the users,
data & information, applications, APIs, devices, networks, cloud, etc. wherever they are – instead of forcing them onto a “secure” network.

How Zero Trust Architecture Can Help Secure Data

ZTA provides a way to secure data, a critical asset of the organization, allowing access only to those who need it.

  • By treating data as an asset, a Zero Trust Architecture ensures the data can keep their integrity across their entire lifecycle.
  • For organizations heavily relying upon data to make decisions, it is imperative that the data used keep their integrity and can be used by data scientists.
  • By securing at the asset-level and utilizing secured zones as required, organizations can pursue business objectives while effectively managing risk and continue to operate while in a state of assumed breach.
  • Organizations can maintain agility and complete in the Digital Age while remaining secure, operating in a world characterized by velocity, complexity, and disruption, with the goal of enabling better user experience through simplicity, speed, and ability to support scale.

Supply Chain Risk Management

As evidenced over the last couple years, threats to supply chain integrity are a global problem that impacts users and consumers of information and communications (ICT) technology. Solving this problem requires international adoption of best practices and standards by government and enterprise customers and large and small vendors who are all part of the supply chain.

NASA SEWP has worked with the Department of Defense, Private Industry and International Standards Groups for 20 years on Supply Chain Risk Management (SCRM) practices and standards, and the Government-Wide Acquisition Contracts (GWACs).

The NASA SEWP acquisition platform includes the Open Trusted Technology Provider (O-TTPS) ISO 20243 standard for "maliciously tainted and counterfeit products" that are consistent in purpose and intent with existing and emergent federal policy guidelines. There is a direct correlation between the ISO standard and the controls and practices advocated by NIST. The standard addresses some SCRM needs and can be leveraged by federal buyers to comply with recommended practices. The ISO standard can be applied throughout Government buying platforms utilizing articulated requirements.  Learn about the Benefits of Being Certified as an Open Trusted Technology Provider (O-TTPS).

Open Trusted Technology Provider Standard (O-TTPS)

  • Understand how O-TTPS helps assure product integrity and supply chain security so that industry can "Build with integrity, buy with confidence" 
  • Learn best practices in all phases of a product's life cycle -- design, sourcing, build, fulfillment, distribution, sustainment, and disposal -- to enhance the integrity of COTS ICT products, and the security of their global supply chains
  • Join O-TTPS Birds-of-a-Feather networking reception (Mon. evening) to discuss how to solve similar problems from different perspectives with like-minded individuals

The Open Trusted Technology Forum is responsible for maintaining and updating the Open Trusted Technology Provider™ Standard (O-TTPS), which is technically equivalent to ISO 20243. The O-TTPS differs from traditional cyber security standards in that it focuses on verification of the procedures used within the organization to maintain security and integrity of the supply chain, rather than on testing of individual products or systems. The certification program is one of the first of its kind in providing certification for conforming to standards for product integrity coupled with supply chain security.

Both private and public sector organizations increasingly rely on ICT solutions, which are produced globally, to run their operations. These systems need to be secure and to be kept free of major defects and vulnerabilities for customers to trust them. Equally, providers need to achieve integrity of their supply chains to help attest these systems do not ultimately compromise the security posture of their customers. Moreover, providers need to implement controls that strengthen the integrity of systems containing their intellectual property, thereby mitigating the risk of potential counterfeit components and the loss of intellectual property revenue. 

Complimentary sessions (attend in-person or via LinkedIn Live): 

  • TOGAF® User Group (Tue. July 26, 2:00-5:30 pm)
  • Data Science Workshop (Wed. July 27, 2:00-4:30 pm)

 

Agenda

All times are U.S. Eastern Time (GMT-5) Convert to your timezone here

The Open Group standards ensure openness, interoperability, and consensus.

Speakers

 

   Event Fees

(includes lunch and giveaways)

2-Day Pass (Mon and Tue)

Member: $700

Government: $800 

Non-Member: $1025 

 

     1-Day Pass (Mon or Tue)

Member: $400

Government: $550

Non-Member: $650 

 

* Complimentary Sessions (in-person and via LinkedIn Live) include: 

TOGAF User Group (Tue)

Data Science Workshop (Wed)

 

Sponsors and Exhibitors

The Open Group Platinum Members