What Is Cybersecurity Engineering and Why Do I Need It?
Software Engineering Institute
When systems were predominately hardware-based, components were built to specification. Systems engineers defined and verified component functions and interfaces that together provided total system capability. Today, system capability is largely supplied through software components and network connectivity. This increases the system’s flexibility and adaptability—and its cyber risk! Software components are specified loosely, if at all, and are often assembled from an opaque mix of modified legacy components, commercial off-the-shelf (COTS) applications and services, and open source libraries downloaded from the Internet. This greatly increases the cyber-attack surface. Using cybersecurity engineering knowledge, methods, and tools throughout the lifecycle of software-intensive systems will reduce their inherent cyber risk and increase their operational cyber resilience.
What attendees will learn:
- Cybersecurity engineering consolidates the tools and analyses used in various lifecycle steps to ensure effective operational results.
- Cybersecurity engineering builds upon data that is scattered across lifecycle activities and products to identify gaps and potential mission impacts.
- The Software Engineering Institute’s Cybersecurity Engineering and Software Assurance Professional Certificate Program enables participants to understand, identify, and manage cybersecurity risks in developing or acquiring software-reliant systems through activities such as threat modeling, security engineering risk analysis, and supply chain risk assessment.
About the Speaker
Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the challenges of cyber security in acquisition, system and software engineering. CSE is building capabilities in defining, acquiring, …Read more