search menu icon-carat-right cmu-wordmark

Archive: February 2021

Requirements in Model-Based Systems Engineering (MBSE)

Requirements in Model-Based Systems Engineering (MBSE)

• SEI Blog
Nataliya Shevchenko

Model-based systems engineering (MBSE) is a formalized methodology that supports the requirements, design, analysis, verification, and validation associated with the development of complex systems. MBSE in a digital-modeling environment provides advantages that document-based systems engineering cannot provide. These advantages have led to increased and growing adoption since MBSE can save costs by reducing development time and improve the ability to produce secure and correctly functioning software. The SEI CERT Division has begun researching how MBSE...

Read More
A Framework for DevSecOps Evolution and Achieving Continuous-Integration/Continuous-Delivery (CI/CD) Capabilities

A Framework for DevSecOps Evolution and Achieving Continuous-Integration/Continuous-Delivery (CI/CD) Capabilities

• SEI Blog
Lyndsi Hughes

This post was co-written by Vanessa Jackson. The benefits of operating a development environment with continuous-integration and continuous-delivery (CI/CD) pipeline capabilities and DevSecOps practices are well documented. Leveraging DevSecOps practices and CI/CD pipelines enables organizations to respond to security and reliability events quickly and efficiently and to produce resilient and secure software on a predictable schedule and budget. Although the decision by management to adopt this methodology may be easy, the initial implementation and ongoing...

Read More
Top 10 Considerations for Effective Incident Management Communications

Top 10 Considerations for Effective Incident Management Communications

• SEI Blog
Brittany Manley

Communications are essential to the overall sustainability and success of cybersecurity centers and incident management teams, both in times of crisis and during normal operations. Due to the importance of communications, and the fact that communications planning is often overlooked, the SEI developed the Guide to Effective Incident Management Communications as a resource for cybersecurity centers and incident response organizations looking to improve their communications planning and activities. This blog post is adapted from that...

Read More
How Situational Awareness Informs Cybersecurity Operations

How Situational Awareness Informs Cybersecurity Operations

• SEI Blog
Nathaniel Richmond

Cybersecurity operations are applied principles, processes, and technologies that defend an information environment against threats. Situational awareness (SA) helps decision makers throughout an organization have the information and understanding they need to make sound decisions about cybersecurity operations as they defend their organizations from the increasingly dangerous cyber threats that are prevalent today. The concept of cybersecurity operations encompasses all of the topics we have covered in our recent posts about network situational awareness. The...

Read More
Six Key Cybersecurity Engineering Activities for Building a Cybersecurity Strategy

Six Key Cybersecurity Engineering Activities for Building a Cybersecurity Strategy

• SEI Blog
Carol Woody

Rita Creel coauthored this blog post. Today's missions rely on highly integrated and complex technology that must operate in a dynamic and contested environment. Reliance on operational security controls alone for mission protection has proved insufficient. With today's adversaries, cybersecurity must be built into the technology to continue operating successfully, which requires the integration of cybersecurity engineering. Cybersecurity engineering applies the rigor of engineering with the knowledge of operational security into all aspects of the...

Read More