By Doug Gray on November 9, 2015 9:00 AM| No Comments
According to the National Institute of Standards and Technology (NIST), Information Security Continuous Monitoring (ISCM) is a process for continuously analyzing, reporting, and responding to risks to operational resilience (in an automated manner, whenever possible). Compared to the traditional method...
By Doug Gray on October 12, 2015 9:00 AM| No Comments
By Douglas Gray Information Security Engineer CERT Division In leveraging threat intelligence, the operational resilience practitioner need not create a competing process independent of other frameworks the organization is leveraging. In fact, the use of intelligence products in managing operational...
By Doug Gray on September 28, 2015 9:00 AM| No Comments
By Douglas Gray Information Security Engineer CERT Division What differentiates cybersecurity from other domains in information technology (IT)? Cybersecurity must account for an adversary. It is the intentions, capabilities, prevailing attack patterns of these adversaries that form the basis of...
Toll Free: 888-201-4479
4500 Fifth Avenue
Pittsburgh, PA 15213-2612