Cybersecurity
Blog Posts
The Essential Role of AISIRT in Flaw and Vulnerability Management
The SEI established the first Artificial Intelligence Security Incident Response Team (AISIRT) in 2023. This post discusses AISIRT's role in the coordination of flaws and vulnerabilities in AI systems.
Read More•By Lauren McIlvenny, Vijay S. Sarvepalli
In Artificial Intelligence Engineering
Cyber-Informed Machine Learning
This blog post proposes cyber-informed machine learning as a conceptual framework for emphasizing three types of explainability when ML is used for cybersecurity.
Read More•By Jeffrey Mellon, Clarence Worrell
In Cybersecurity Engineering
3 Activities for Making Software Secure by Design
Understanding key principles, roadblocks, and accelerators can shift the secure software development paradigm.
Read More•By Carol Woody, Robert Schiela
In Cybersecurity Engineering
Using Game Theory to Advance the Quest for Autonomous Cyber Threat Hunting
This SEI Blog post describes an effort to apply game theory to the development of algorithms suitable for informing a fully autonomous threat hunting capability and introduces the concept of …
Read More•By Phil Groce
In Cybersecurity Engineering
Process and Technical Vulnerabilities: 6 Key Takeaways from a Chemical Plant Disaster
Weak processes can be as risky as technical vulnerabilities. This post describes how both of them worsened a cyber attack on a chemical plant.
Read More•By Daniel J. Kambic
In Enterprise Risk and Resilience Management
Designing Great Challenges for Cybersecurity Competitions
This blog post highlights the SEI’s experience developing cybersecurity challenges for the President’s Cup Cybersecurity Competition and general-purpose guidelines and best practices for developing effective challenges.
Read More•By Jarrett Booz, Josh Hammerstein, Matt Kaar
In Cyber Workforce Development
The Benefits of Cyber Assessment Training
This post discusses how cybersecurity assessments can help critical infrastructure organizations improve their cybersecurity with help from free assessment tools developed by the SEI and offered by the U.S. government.
Read More•By Rhonda Brown, Alexander Petrilli
In Cybersecurity Engineering
2 Approaches to Risk and Resilience: Asset-Based and Service-Based
There are benefits and challenges of the two approaches to risk and resilience management: one based on an organization’s assets and the other on its services.
Read More•By Emily Shawgo
In Enterprise Risk and Resilience Management
Six Dimensions of Trust in Autonomous Systems
This post chronicles the adoption and growth of autonomous systems and provides six considerations for establishing trust.
Read More•By Paul Nielsen
In Software Engineering Research and Development
Using Machine Learning to Increase the Fidelity of Non-Player Characters in Training Simulations
Use of machine-learning (ML) modeling and a suite of software tools to create decision-making preferences that make non-player characters (NPCs) more realistic in simulations.
Read More•By Dustin D. Updyke, Thomas G. Podnar, Geoffrey B. Dobson, John Yarger
In Cyber Workforce Development
