Addressing Security in the Global Supply Chain
Trusted Technology Forum (OTTF) Panel Session — Tuesday, February 8, 12:00 - 12:45 pm
Governments and large enterprises are cognizant and appreciative of the benefits of globalization. At the same time, they recognize their increasing reliance on commercial off-the-shelf (COTS) information technology (IT) components (software and hardware) to deliver mission critical operations. As cyber attacks increase in sophistication, stealth and severity, governments and larger enterprises have also begun to take a more comprehensive approach to risk management and product assurance.
In addition to enhancing information security by improving security practices across the enterprise, governments and enterprises have begun inquiring about the practices information technology vendors use to protect the integrity of their products and services as they move through the global supply chain. This supply chain management challenge becomes increasingly more difficult when considering that, in today's global market place, building a product depends upon outsourcing and integrating components, subcomponents, proprietary and open-source components, hardware and software elements, from many sources, some known, some unknown, from around the globe.
To address these challenges The Open Group in conjunction with government and enterprise partners has launched the Trusted Technology Forum (OTTF) to promote an industry-wide effort where suppliers identify the current best practices and processes that contribute to the secure and trusted development, manufacture, delivery, and ongoing operation of commercial products. The OTTF will also address global cybersecurity policy issues and best practices for standards integration across the assurance landscape.
Mr E. Kenneth Hong Fong, Deputy Director for Program Protection, Director, Defense Research & Engineering/Systems Analysis
Mr E. Kenneth Hong Fong will kick off the session with an overview of the challenges in this space. He has had 35 years in leadership positions, 27 years in network and systems development. 25 years in Chief Technology Officer/Chief, Systems Engineering equivalent positions.
- Chief, Systems Division for the Defense Nuclear Agency and successor elements, GS-15 (1989-2000), developing nuclear C2 support, R&D, and business systems and networks.
- Led Y2K transition for all DoD Nuclear Chemical and Biological Systems (Y2K)
- Technical Director, GSA Public Buildings Service/Information System Modernization providing technical oversight to over 450 contract and 125 government staff (GS-15).
- Technical Architect for Veterans Administration Executive Information System concepts. (GS-15)
- Led or participated in 10 program support reviews for AT&L and ASD(NII).
- Led concept development for Coalition Shared Tactical Ground Picture for eventual NATO adaptation
- Led three reviews of DoD Programs of Record, in support of the National Security Presidential Directive 54 (Comprehensive National Cyber Security Initiative), and NDAA 2009, Section 254 requirements for supply chain Vulnerability Assessments.
As a member of the DDR&E senior technical staff, Mr. Hong Fong created new systems engineering processes focused on meeting cyber security requirements for Department of Defense (DoD) Programs of Record (PORs). Guided the successful development of multiple Directive Type Memorandums, to instantiate through policy, needed process and POR direction changes in achieving Program Protection, identification of critical program information, and the supply chain assurance for the critical components that instantiate the key capability.
Working as a Senior Systems Engineer, Mr. Hong Fong also currently provides acquisition oversight and program support for key infrastructure programs to support net-centric warfare. Programs of interest include the Joint Tactical Radio System, the GIG Network Enterprise Services Program, the, and the Warfighter Information Network-Tactical Program. He was a core member of the Net-centric Operating Environment (NCOE) effort to define implement able threshold points for the GIG infrastructure. In addition to participation in the development and coordination of Network Centric Warfare oriented policy and guidance for acquisition of systems, he was an active participant in ensuring that DoD Information Technology standards are not only current but support the department’s transition to the GIG, and participated extensively in the Information Technology Standards Committee. He was a key member of the WIN-T Nunn-McCurdy Study Team and the study team for Tactical Networks for Ground Forces.
He has previously participated in various industry standards forums, was a key member of the Department’s effort to address Software Assurance, and lead the Engineering-in-Depth working group, collaborated on defense/industry IT industry outreach teams, and worked on multiple US/coalition initiatives for synthesizing US and coalition information for an enhanced situation awareness and battle management capability. He is the co-author of the Shared Operational Picture Exchange Service (SOPES) concept draft for the Object Management Group, which has been embraced by multiple international efforts as a baseline for coalition shared data services.
Originally, a Chicago area native, Ken received his BA from Northeastern Illinois University (1971) and an MS from DePaul University in Management Sciences in the Public Service (1977).
Mr. Hong Fong’s presentation will be followed by a panel of industry experts who are also some of the major founding members of the Trusted Technology Forum:
- Edna Conway, Chief Security Strategist, Value Chain Management, Cisco Systems
- Mary Ann Davidson, Chief Security Officer, Oracle Corporation
- Carrie Gates, Vice-President of Research, CA Technologies
- Steven B. Lipner, Senior Director of Security Engineering Strategy, Trustworthy Computing Security, Microsoft Corporation
- Andras Szakal, Distinguished Engineer and Chief Architect of Federal Software business unit, IBM
- Joanne Woytek, NASA Program Manager and Contract Technical Representative (CoTR) for the NASA SEWP Program
Return to previous page