search menu icon-carat-right cmu-wordmark

Posts by James Cebula

A Taxonomy for Managing Operational Cybersecurity Risk

A Taxonomy for Managing Operational Cybersecurity Risk

• Blog
James Cebula

Organizations are continually fending off cyberattacks in one form or another. The 2014 Verizon Data Breach Investigations Report, which included contributions from SEI researchers, tagged 2013 as "the year of the retailer breach." According to the report, 2013 also witnessed "a transition from geopolitical attacks to large-scale attacks on payment card systems." To illustrate the trend, the report outlines a 12-month chronology of attacks, including a January "watering hole" attack on the Council on Foreign...

Read More
Understanding How Network Security Professionals Perceive Risk

Understanding How Network Security Professionals Perceive Risk

• Blog
James Cebula

Risk inherent in any military, government, or industry network system cannot be completely eliminated, but it can be reduced by implementing certain network controls. These controls include administrative, management, technical, or legal methods. Decisions about what controls to implement often rely on computed-risk models that mathematically calculate the amount of risk inherent in a given network configuration. These computed-risk models, however, may not calculate risk levels that human decision makers actually perceive....

Read More

Contact the Author

James Cebula

SEI Digital Library

SEI Publications

Visit the SEI Digital Library to see other publications by James Cebula

View publications