CERT
Blog Posts
Balancing Cyber Confidence and Privacy Concerns
An important part of an organization's cybersecurity posture includes the monitoring of network traffic for proactive cyber defense. The trend toward implementing network protocols designed to improve personal privacy is …
• By William Reed, Dustin Updyke
In Enterprise Risk and Resilience Management
Six Free Tools for Creating a Cyber Simulator
It can be hard for developers of cybersecurity training to create realistic simulations and training exercises when trainees are operating in closed (often classified) environments with no ability to connect …
• By Joseph Mayes
In Cyber Workforce Development
Evaluating Threat-Modeling Methods for Cyber-Physical Systems
Addressing cybersecurity for а complex system, especially for а cyber-physical system of systems (CPSoS), requires a strategic approach during the entire lifecycle of the system....
• By Nataliya Shevchenko
In Enterprise Risk and Resilience Management
Improving Assessments for Cybersecurity Training
The CERT Cyber Workforce Development Directorate conducts training in cyber operations for the DoD and other government customers as part of its commitment to strengthen the nation's cybersecurity workforce....
• By April Galyardt
In Artificial Intelligence Engineering
Threat Modeling: 12 Available Methods
Almost all software systems today face a variety of threats, and the number of threats grows as technology changes....
• By Nataliya Shevchenko
In Enterprise Risk and Resilience Management
IPv6 Adoption: 4 Questions and Answers
IPv6 deployment is on the rise. Google reported that as of July 14 2018, 23.94 percent of users accessed its site via IPv6, up 6.16 percent from that same date …
• By Joseph Mayes
In Secure Development
Cyber Threat Modeling: An Evaluation of Three Methods
Cyber threat modeling, the creation of an abstraction of a system to identify possible threats, is a required activity for DoD acquisition. Identifying potential threats to a system, cyber or …
• By Forrest Shull, Nancy Mead
Why Netflow Data Still Matters
Network flow plays a vital role in the future of network security and analysis. With more devices connecting to the Internet, networks are larger and faster than ever before. Therefore, …
• By Emily Sarneso
Traffic Analysis for Network Security: Two Approaches for Going Beyond Network Flow Data
By the close of 2016, "Annual global IP traffic will pass the zettabyte ([ZB]; 1000 exabytes [EB]) threshold and will reach 2.3 ZBs per year by 2020" according to Cisco's …
• By Tim Shimeall
Unintentional Insider Threat and Social Engineering
Social engineering involves the manipulation of individuals to get them to unwittingly perform actions that cause harm or increase the probability of causing future harm, which we call "unintentional insider …