Software Engineering Institute

Lisa Young

Lisa Young is an SEI alumni employee.

Lisa Young, Senior Member of the Technical Staff at the Software Engineering Institute at Carnegie Mellon University, has 20+ years of experience in the information technology and telecommunications industry. She holds the designation of Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and is experienced in IT governance, information audit and security, and risk management. Ms. Young teaches the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE®) risk-based security assessment methodology at the Software Engineering Institute. Her current line of research provides guidelines for improving the way organizations manage the processes of security, IT Operations, business continuity, compliance, and audit to support the organization's mission and critical success factors.

All

Tech Publications

Podcasts

Videos

Becoming a CISO: Formal and Informal Requirements

October 19, 2016 • Podcast

By Darrell Keeling (Parkview Health), Lisa R. Young

SEI Cyber Minute: CERT Resilience Management Model (RMM)

August 17, 2016 • Video

By Lisa R. Young

Global Value Chain – An Expanded View of the ICT Supply Chain

July 18, 2016 • Podcast

By Edna M. Conway (Cisco Systems, Inc.), John Haller, Lisa R. Young

SEI Cyber Minute: Managing Operational Risk

July 6, 2016 • Video

By Lisa R. Young

Intelligence Preparation for Operational Resilience

June 21, 2016 • Podcast

By Douglas Gray, Lisa R. Young

More from Lisa Young

Defining a Maturity Scale for Governing Operational Resilience

March 19, 2015 • Technical Note

By Katie C. Stewart, Julia H. Allen, Audrey J. Dorofee, Michelle A. Valdez, Lisa R. Young

Measuring What Matters Workshop Report

February 9, 2015 • Technical Note

By Katie C. Stewart, Julia H. Allen, Michelle A. Valdez, Lisa R. Young

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication Crosswalk Version 2

June 11, 2014 • Technical Note

By Kevin G. Partridge, Mary Popeck, Lisa R. Young

A Taxonomy of Operational Cyber Security Risks Version 2

May 21, 2014 • Technical Note

By James J. Cebula, Mary Popeck, Lisa R. Young

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication 800-66 Crosswalk

October 28, 2013 • Technical Note

By Lisa R. Young, Ma-Nyahn Kromah (SunGard Availability Services)

More from Lisa Young

Becoming a CISO: Formal and Informal Requirements

October 19, 2016 • Podcast

By Darrell Keeling (Parkview Health), Lisa R. Young

Global Value Chain – An Expanded View of the ICT Supply Chain

July 18, 2016 • Podcast

By Edna M. Conway (Cisco Systems, Inc.), John Haller, Lisa R. Young

Intelligence Preparation for Operational Resilience

June 21, 2016 • Podcast

By Douglas Gray, Lisa R. Young

Build Security In Maturity Model (BSIMM) – Practices from Seventy Eight Organizations

February 3, 2016 • Podcast

By Gary McGraw, Lisa R. Young

Structuring the Chief Information Security Officer Organization

December 23, 2015 • Podcast

By Nader Mehravari, Julia H. Allen, Lisa R. Young

More from Lisa Young

SEI Cyber Minute: CERT Resilience Management Model (RMM)

August 17, 2016 • Video

By Lisa R. Young

SEI Cyber Minute: Managing Operational Risk

July 6, 2016 • Video

By Lisa R. Young

More from Lisa Young