SEI Insights

Recent Posts

Many organizations want to share data sets across the enterprise, but taking the first steps can be challenging. These challenges range from purely technical issues, such as data formats and APIs, to organizational cultures in which managers resist sharing data they feel they own. Data Governance is a set of practices that enable data to create value within an enterprise. When launching a data governance initiative, many organizations choose to apply best practices, such as...

The tenth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 10: Implement strict password and account management policies and practices. In this post, I discuss the importance of having strict policies for managing passwords and accounts....

The future of autonomy in the military could include unmanned cargo delivery; micro-autonomous air/ground systems to enhance platoon, squad, and soldier situational awareness; and manned and unmanned teaming in both air and ground maneuvers, according to a 2016 presentation by Robert Sadowski, chief roboticist for the U.S. Army Tank Automotive Research Development and Engineering Center (TARDEC), which researches and develops advanced technologies for ground systems. One day, robot medics may even carry wounded soldiers out...

The ninth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 9: Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees. In this post, I discuss the importance of educating employees, managers, and trusted business partners about the role they play in preventing, detecting, and mitigating insider threats, and practices they should follow for protecting organizational critical assets....

The year 2016 witnessed advancements in artificial intelligence in self-driving cars, language translation, and big data. That same time period, however, also witnessed the rise of ransomware, botnets, and attack vectors as popular forms of malware attack, with cybercriminals continually expanding their methods of attack (e.g., attached scripts to phishing emails and randomization), according to Malware Byte's State of Malware report. To complement the skills and capacities of human analysts, organizations are turning to machine...

Problem: When implementing DevOps, experts typically focus on process and tooling, but little emphasis is given to the psychological and social aspects of team members, which can pose encumbrances to DevOps adoption in production software houses. Training development staff on DevOps tools and processes is costly, so a significant risk occurs when training fails to produce full adoption by development teams. At the end of the day, people will adopt the tools and processes, but...

Blogs

CERT/CC

Timely insights about vulnerabilities, network situational awareness, and research in the security field offered by CERT Division researchers.

DevOps

Technical Guidelines and practical advice for DevOps. Posts cover issues relating to understanding and achieving successful DevOps including cultural shifts, barriers to collaboration, continuous integration, continuous deployment, and automation.

Subscribe

Insider Threat

Advice and best practices for organizations wanting to help better deter, detect, and respond to evolving insider threats.

SATURN

The SEI Architecture Technology User Network’s blog covers topics relating to software architecture and connects the professional network of software, systems, and enterprise architects from around the world, representing industry, academia, and government.

SEI Blog

Ongoing and exploratory research on topics that include secure coding, malware analysis, testing, organizational planning, agile software development, big data, quality assurance, cloud computing, and software sustainment across the lifecycle.

Subscribe