Blog Posts
Zero Trust Adoption: Managing Risk with Cybersecurity Engineering and Adaptive Risk Assessment
In this and a series of future posts, we provide an overview of zero trust and management of its risk with SEI's cybersecurity engineering assessment framework. This adaptive framework incorporates …
• By Geoff Sanders
In Cybersecurity Engineering
Six Key Cybersecurity Engineering Activities for Building a Cybersecurity Strategy
This post, which augments a recent webcast and a forthcoming white paper, highlights the importance of the cybersecurity strategy in defining how the technology from an acquisition will be designed, …
• By Carol Woody, Rita Creel
In Cybersecurity Engineering
KalKi: Solution for High Assurance Software-Defined IoT Security
Commercial Internet of things (IoT) devices are evolving rapidly, providing new and potentially useful capabilities. These devices can be a valuable source of data....
• By Sebastian Echeverria
In Cybersecurity Engineering
System Resilience Part 7: 16 Guiding Principles for System Resilience
Adverse events and conditions can disrupt a system, causing it to fail to provide essential capabilities and services. As I outlined in previous posts in this series, resilience is an …
• By Donald Firesmith
In Cybersecurity Engineering
System Resilience Part 6: Verification and Validation
Adverse events and conditions can disrupt a system, causing it to fail to provide essential capabilities and services. As I outlined in previous posts in this series, resilience is an …
• By Donald Firesmith
In Cybersecurity Engineering
Five Reasons the Cybersecurity Field Needs Trusted Data Sets and Meaningful Metrics
Cybersecurity is a domain rich with data, but regrettably often only poor insights can be drawn from this richness. CISOs ask questions about how best to allocate resources....
• By Bobbie Stempfley, Matthew Butkovic
In Cybersecurity Engineering
System Resilience Part 5: Commonly-Used System Resilience Techniques
If adverse events or conditions cause a system to fail to operate appropriately, they can cause all manner of harm to valuable assets. As I outlined in previous posts in …
• By Donald Firesmith
In Cybersecurity Engineering
System Resilience Part 4: Classifying System Resilience Techniques
A system resilience technique is any architectural, design, or implementation technique that increases a system's resilience....
• By Donald Firesmith
In Cybersecurity Engineering
System Resilience Part 3: Engineering System Resilience Requirements
At its most basic level, system resilience is the degree to which a system continues to perform its mission in the face of adversity....
• By Donald Firesmith
In Cybersecurity Engineering
4 Elements in Securing the Telecommunications Supply Chain
On September 27, 2019, the Subcommittee on Communications and Technology of the U.S. House of Representatives Committee on Energy and Commerce convened a hearing on "Legislating to Secure America's Wireless …
• By Bobbie Stempfley
In Cybersecurity Engineering