icon-carat-right menu search cmu-wordmark

What Is Cybersecurity Engineering and Why Do I Need It?

Webcast
In this webcast, Carol Woody and Rita Creel discuss how cybersecurity engineering knowledge, methods, and tools throughout the lifecycle of software-intensive systems will reduce their inherent cyber risk and increase their operational cyber resilience.
Publisher

Software Engineering Institute

Watch

Abstract

When systems were predominately hardware-based, components were built to specification. Systems engineers defined and verified component functions and interfaces that together provided total system capability. Today, system capability is largely supplied through software components and network connectivity. This increases the system’s flexibility and adaptability—and its cyber risk! Software components are specified loosely, if at all, and are often assembled from an opaque mix of modified legacy components, commercial off-the-shelf (COTS) applications and services, and open source libraries downloaded from the Internet. This greatly increases the cyber-attack surface. Using cybersecurity engineering knowledge, methods, and tools throughout the lifecycle of software-intensive systems will reduce their inherent cyber risk and increase their operational cyber resilience.

What attendees will learn:

  • Cybersecurity engineering consolidates the tools and analyses used in various lifecycle steps to ensure effective operational results.
  • Cybersecurity engineering builds upon data that is scattered across lifecycle activities and products to identify gaps and potential mission impacts.
  • The Software Engineering Institute’s Cybersecurity Engineering and Software Assurance Professional Certificate Program enables participants to understand, identify, and manage cybersecurity risks in developing or acquiring software-reliant systems through activities such as threat modeling, security engineering risk analysis, and supply chain risk assessment.

About the Speaker

Headshot of Carol Woody.

Carol Woody

Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the challenges of cyber security in acquisition, system and software engineering.  CSE is building capabilities in defining, acquiring, …

Read more
Headshot of Rita Creel

Rita C. Creel

Rita began her career as a software engineer and team lead in the space industry designing and building systems for automated spacecraft test and anomaly resolution. She was a core member of the team that built the corporation’s first generation of test systems that leveraged tailorable simulation capabilities and were …

Read more