search menu icon-carat-right cmu-wordmark

Posts by Nancy Mead

The Hybrid Threat Modeling Method

The Hybrid Threat Modeling Method

• Blog
Nancy Mead

This blog post is also authored by Forrest Shull. Modern software systems are constantly exposed to attacks from adversaries that, if successful, could prevent a system from functioning as intended or could result in exposure of confidential information. Accounts of credit card theft and other types of security breaches concerning a broad range of cyber-physical systems, transportation systems, self-driving cars, and so on, appear almost daily in the news. Building any public-facing system clearly demands...

Read More
Seven Principles for Software Assurance

Seven Principles for Software Assurance

• Blog
Nancy Mead

The exponential increase in cybercrime is a perfect example of how rapidly change is happening in cyberspace and why operational security is a critical need. In the 1990s, computer crime was usually nothing more than simple trespass. Twenty-five years later, computer crime has become a vast criminal enterprise with profits estimated at $1 trillion annually. One of the primary contributors to this astonishing success is the vulnerability of software to exploitation through defects. How pervasive...

Read More
Addressing the Shortfall of Secure Software Developers through Community College Education

Addressing the Shortfall of Secure Software Developers through Community College Education

• Blog
Nancy Mead

The (ISC)2 Global Information Security Workforce Study (GISWS) forecasts a shortfall of 1.5 million cybersecurity professionals by 2020. Government sources also project critical shortages of cybersecurity professionals. This predicted shortfall is troubling because the growing number and sophistication of cyber attacks threatens our infrastructure, which is increasingly software dependent. This blog post--derived from the paper Meeting Industry Needs for Secure Software Development, which I coauthored with Girish Seshagiri and Julie Howar--describes a collaboration involving industry,...

Read More
Development of a Master of Software Assurance Reference Curriculum

Development of a Master of Software Assurance Reference Curriculum

• Blog
Nancy Mead

The federal government is facing a shortage of cybersecurity professionals that puts our national security at risk, according to recent research. "As cyber attacks have increased and there is increased awareness of vulnerabilities, there is more demand for the professionals who can stop such attacks. But educating, recruiting, training and hiring these cybersecurity professionals takes time," the research states. Recognizing these realities, the U. S. Department of Homeland Security (DHS) National Cyber Security Division (NCSD)...

Read More

Contact the Author

Nancy Mead

SEI Digital Library

SEI Publications

Visit the SEI Digital Library to see other publications by Nancy Mead

View publications