Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Nader Mehravari
April 2016 - Webinar Structuring the Chief Information Security Officer Organization

Topics: Risk and Opportunity Management

Authors: Julia H. Allen, Nader Mehravari

This webinar described a CISO organizational structure and functions for a typical large, diverse organization using input from CISOs, policies, frameworks, maturity models, standards, and codes of practice.

December 2015 - Podcast Structuring the Chief Information Security Officer Organization

Authors: Nader Mehravari, Julia H. Allen, Lisa R. Young

In this podcast, Nader Mehravari and Julia Allen, members of the CERT Cyber Risk Management team, discuss an effective approach for defining a CISO team structure and functions for large, diverse organizations.

October 2015 - Technical Note Structuring the Chief Information Security Officer Organization

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Gregory Crabb (U.S. Postal Inspection Service), Pamela D. Curtis, Brendan Fitzpatrick, Nader Mehravari, David Tobar

The authors describe how they defined a CISO team structure and functions for a national organization using sources such as CISOs, policies, and lessons learned from cybersecurity incidents.

February 2015 - Technical Note A Proven Method for Meeting Export Control Objectives in Postal and Shipping Sectors

Topics: Cyber Risk and Resilience Management

Authors: Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

This report describes how the CERT-RMM enabled the USPIS to implement an innovative approach for achieving complex international mail export control objectives.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: International Mail Transportation (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Sam Lin, Nader Mehravari, Dawn Wilkes

This report describes a new process area that ensures that international mail is transported according to Universal Postal Union standards.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: Mail Revenue Assurance (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Nader Mehravari, David W. White

This report describes a new process area that ensures that the USPS is compensated for mail that is accepted, transported, and delivered.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: Mail Induction (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Nader Mehravari, David W. White

This report describes a new process area that ensures that mail is inducted into the U.S. domestic mail stream according to USPS standards and requirements.

June 2014 - Webinar Recent Federal Policies Affecting the Cybersecurity and Resiliency Landscape

Topics: Cyber Risk and Resilience Management, Process Improvement, Risk and Opportunity Management

Authors: Nader Mehravari

Watch Nader Mehravari discuss "Recent Federal Policies Affecting the Cybersecurity and Resiliency Landscape" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain

June 2014 - Webinar ABCs of Operational Resilience

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management

Authors: Nader Mehravari

Watch Nader Mehravari discuss the "ABCs of Operational Resilience" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain.

June 2014 - Webinar Everything You Always Wanted to Know About Maturity Models

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management

Authors: Nader Mehravari

Watch Nader Mehravari discuss “Everything You Always Wanted to Know About Maturity Models” from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain.

January 2014 - Technical Note A Proven Method for Identifying Security Gaps in International Postal and Transportation Critical Infrastructure

Topics: Cyber Risk and Resilience Management

Authors: Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

In this report, the authors describe a method of identifying physical security gaps in international mail processing centers and similar facilities.

November 2013 - Article Resilience Management Through the Use of CERT-RMM and Associated Success Stories

Topics: Cyber Risk and Resilience Management

Authors: Nader Mehravari

In this paper, Nader Mehravari shares practical and successful applications of CERT-RMM from a wide variety of organizations.

August 2013 - Webinar Achieving Mission Assurance Through Resilience Management

Topics: Cyber Risk and Resilience Management, Process Improvement, Risk and Opportunity Management

Authors: Nader Mehravari

In this August 2013 webinar, Nader Mehravari discusses how to protect and sustain the mission and business operations of an organization.

June 2013 - Podcast Managing Disruptive Events - CERT-RMM Experience Reports

Topics: Cyber Risk and Resilience Management

Authors: Nader Mehravari, Julia H. Allen

In this podcast, the participants describe four experience reports that demonstrate how the CERT-RMM can be applied to manage operational risks.

January 2013 - Podcast Managing Disruptive Events: Demand for an Integrated Approach to Better Manage Risk

Topics: Cyber Risk and Resilience Management

Authors: Nader Mehravari, Julia H. Allen

In this podcast, Nader Mehravari describes how governments and markets are calling for the integration of plans for and responses to disruptive events.

December 2012 - Podcast Managing Disruptive Events: Making the Case for Operational Resilience

Topics: Cyber Risk and Resilience Management

Authors: Nader Mehravari, Julia H. Allen

In this podcast, Nader Mehravari describes how today's high-risk, global, fast, and very public business environment demands a more integrated approach.

December 2012 - Technical Note Analyzing Cases of Resilience Success and Failure - A Research Study

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Pamela D. Curtis, Andrew P. Moore, Nader Mehravari, Kevin G. Partridge, Robert W. Stoddard, Randall F. Trzeciak

In this report, the authors describe research aimed at helping organizations to know the business value of implementing resilience processes and practices.

March 2011 - Presentation Application of the CERT Resilience Management Model at Lockheed Martin

Topics: Cyber Risk and Resilience Management

Authors: William David (Lockheed Martin Enterprise Business Services), Nader Mehravari, David W. White

In this presentation, the authors describe using CERT-RMM to improve business continuity, IT disaster recovery, crisis management, and pandemic-planning.