Ethan Hunt escapes from a Russian prison, with a remote accomplice opening and closing the doors of the facility through the Internet. John McClane faces a digital fire sale that step by step shuts down the entire national infrastructure.
They used to be scripts straight out of Hollywood. Now, they are moving to Washington.
Only last week, president Obama announced that the US recently was under cyber attack. Trains had derailed and water treatment plants were deactivated. You could almost envision Chloe O’Brian in the crisis room of the White House, trying to make sense of the yet unknown hackers who had inserted malicious software into the networks of the utility companies that run transportation, water and other critical infrastructure systems.
As it turns out, this scenario was only a simulation. But it comes extremely close to reality, as was demonstrated by blood-chilling, real-life examples that several speakers gave at last week’s Open Group conference in – appropriately – Washington D.C. And they are only the tip of the iceberg, one of the speakers assured us, as he didn’t want to unnecessarily inspire the external hackers.
Cybersecurity is a hot topic for a standardization consortium like The Open Group. First of all, because only shared, collaborative standards can create the mass and momentum that are needed to deal with this quickly emerging, global issue. But also – even more importantly – because the potential of open, connected business networks can only be unleashed if the exchange of information is safe and reliable. Finally, security is a topic that needs to be addressed in the right architectural way at the enterprise level (and Enterprise Architecture clearly is one of the other sweet spots of The Open Group).
The conference contained a simple, but crucial message to both security experts and enterprise architects: Cybersecurity needs to be infused with all elements of end-to-end business transformation, equally affecting people, processes and technology. To enterprise architects, this means security needs to permeate all of the dimensions, layers and lenses they deal with. To security experts, it is once again a reminder that security is not the sole meaning of life, and rather than preventing change it should be the enabler to new, collaborative ways of doing business.
It all requires a healthy appetite for risk.
(By the way, have a look at a new deliverable of the Jericho Forum, one of the inspiring communities within The Open Group that has been exploring the paradox of open interoperability and security for quite some time now. Their 14 Identity Management commandments will be explained in a set of videos, the first one released last week).