icon-carat-right menu search cmu-wordmark

Using the Cyber Resilience Review to Help Critical Infrastructures Better Manage Operational Resilience

Podcast
In this podcast, the presenters explain how CRRs allow critical infrastructure owners to compare their cybersecurity performance with their peers.
Publisher

Software Engineering Institute

Listen

Abstract

The U.S. Department of Homeland Security (DHS) conducts a no-cost, voluntary Cyber Resilience Review (CRR) to evaluate and enhance cybersecurity capacities and capabilities within all 18 Critical Infrastructure and Key Resources (CIKR) Sectors, as well as State, Local, Tribal, and Territorial (SLTT) governments. The goal of the CRR is to develop an understanding of an organization’s operational resilience and ability to manage cyber risk to its critical services and assets during normal operations and during times of operational stress and crises.

In this podcast, Kevin Dillon, Branch Chief for Stakeholder Risk Assessment and Mitigation with DHS and Matthew Butkovic, the CERT Division’s Technical Portfolio Manager for Infrastructure Resilience, discuss the DHS Cyber Resilience Review and how it is helping critical infrastructure owners and operators improve their operational resilience and security.

About the Speaker

Headshot of Matt Butkovic

Matthew J. Butkovic

Matthew Butkovic is the Technical Director of the Cyber Risk and Resilience Assurance Directorate in the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI).

Matt performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the …

Read more
Headshot of Julia Allen.

Julia H. Allen

Julia Allen is an SEI alumni employee.

Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical assignment, …

Read more