Category: Autonomy

by Dan Klinedinst
Vulnerability Analyst
CERT Division

As the world becomes increasingly interconnected through technology, information security vulnerabilities emerge from the deepening complexity. Unexpected interactions between hardware and software components can magnify the impact of a vulnerability. As technology continues its shift away from the PC-centric environment of the past to a cloud-based, perpetually connected world, it exposes sensitive systems and networks in ways that were never before imagined.

The information security community must be prepared to address emerging systemic vulnerabilities. To help identify these vulnerabilities, a team of researchers--in addition to myself, the team included Joel Land and Kyle O'Meara--identified at-risk, emerging technologies by breaking down major technology trends over the next 10 years. This blog post, which is abstracted from our technical report on this work, highlights the findings of our research, which helps the Department of Homeland Security United States Computer Emergency Readiness Team (US-CERT) in their work towards vulnerability triage, outreach, and analysis.

As we have done each year since the blog's inception in 2011, this blog post presents the10 most-visited posts in 2016 in descending order ending with the most popular post. While the majority of our most popular posts were published in the last 12 months, a few, such as Don Firesmith's 2013 posts about software testing, continue to be popular with readers.

10. Verifying Software with Timers and Clocks
9. 10 At-Risk Emerging Technologies
8. Structuring the Chief Information Security Officer Organization
7. Designing Insider Threat Programs
6. Three Roles and Three Failure Patterns of Software Architects
5. Why Did the Robot Do That?
4. Agile Metrics: Seven Categories
3. Common Testing Problems: Pitfalls to Prevent and Mitigate
2. Distributed Denial of Service: Four Best Practices for Prevention and Response
1. Using V Models for Testing