search menu icon-carat-right cmu-wordmark

Archive: May 2020

The Latest Work from the SEI: DevSecOps, Artificial Intelligence, and Cybersecurity Maturity Model Certification

The Latest Work from the SEI: DevSecOps, Artificial Intelligence, and Cybersecurity Maturity Model Certification

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, conference papers, and webcasts highlighting our work in DevSecOps, cybercrime and secure elections, software architecture, trustworthy artificial intelligence, and Cybersecurity Maturity Model Certification (CMMC). We have also included a webcast of a recent discussion on Department of Defense (DoD) software advances and future SEI work. These publications highlight the latest work...

Read More
Three Risks in Building Machine Learning Systems

Three Risks in Building Machine Learning Systems

• SEI Blog
Benjamin Cohen

Machine learning (ML) systems promise disruptive capabilities in multiple industries. Building ML systems can be complicated and challenging, however, especially since best practices in the nascent field of AI engineering are still coalescing. Consequently, a surprising fraction of ML projects fail or underwhelm. Behind the hype, there are three essential risks to analyze when building an ML system: 1) poor problem solution alignment, 2) excessive time or monetary cost, and 3) unexpected behavior once deployed....

Read More
Situational Awareness for Cyber Security Architecture: Tools for Monitoring and Response

Situational Awareness for Cyber Security Architecture: Tools for Monitoring and Response

• SEI Blog
Tim Shimeall

Visibility into the activities within assets enables network security analysts to detect network compromises. Analysts monitor these activities directly on the device by means of endpoint visibility and in the communications going to and from the device on the network. In our earlier blog posts on cyber situational awareness (SA) for the enterprise, we discussed endpoint visibility and network visibility. However, endpoint and network visibility will do little good if analysts don't have tools to...

Read More
Stop Wasting Time: Manage Time as the Limiting Resource

Stop Wasting Time: Manage Time as the Limiting Resource

• SEI Blog
Bill Nichols

Lost time is never found. - Ben Franklin Driven by a competitive marketplace, software developers and programmers are often pressured to adhere to unrealistically aggressive schedules across multiple projects. This pressure encourages management to spread the staff across all the critical work, trying to make progress everywhere at once. This trend helped to spawn the myth of the "x10 programmers"--programmers who are so much more productive than others that they will exert an outsized influence...

Read More