Cyber Risk and Resilience Management
Blog Posts
Process and Technical Vulnerabilities: 6 Key Takeaways from a Chemical Plant Disaster
Weak processes can be as risky as technical vulnerabilities. This post describes how both of them worsened a cyber attack on a chemical plant.
• By Daniel J. Kambic
In Enterprise Risk and Resilience Management

The Benefits of Cyber Assessment Training
This post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.
• By Rhonda Brown, Alexander Petrilli
In Cybersecurity Engineering


2 Approaches to Risk and Resilience: Asset-Based and Service-Based
There are benefits and challenges of the two approaches to risk and resilience management: one based on an organization’s assets and the other on its services.
• By Emily Shawgo
In Enterprise Risk and Resilience Management

How to Mitigate Insider Threats by Learning from Past Incidents
This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."
• By Daniel L. Costa
In Insider Threat
