Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Pamela D. Curtis
February 2017 - White Paper The CISO Academy

Topics: Cyber Risk and Resilience Management

Authors: Pamela D. Curtis, Summer C. Fowler, David Tobar, David Ulicne

In this paper, the authors describe the project that led to the creation of the U.S. Postal Service's CISO Academy.

October 2015 - Technical Note Structuring the Chief Information Security Officer Organization

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Gregory Crabb (U.S. Postal Inspection Service), Pamela D. Curtis, Brendan Fitzpatrick, Nader Mehravari, David Tobar

The authors describe how they defined a CISO team structure and functions for a national organization using sources such as CISOs, policies, and lessons learned from cybersecurity incidents.

February 2015 - Technical Note A Proven Method for Meeting Export Control Objectives in Postal and Shipping Sectors

Topics: Cyber Risk and Resilience Management

Authors: Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

This report describes how the CERT-RMM enabled the USPIS to implement an innovative approach for achieving complex international mail export control objectives.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: International Mail Transportation (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Sam Lin, Nader Mehravari, Dawn Wilkes

This report describes a new process area that ensures that international mail is transported according to Universal Postal Union standards.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: Mail Revenue Assurance (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Nader Mehravari, David W. White

This report describes a new process area that ensures that the USPS is compensated for mail that is accepted, transported, and delivered.

September 2014 - Technical Note CERT Resilience Management Model—Mail-Specific Process Areas: Mail Induction (Version 1.0)

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Greg Crabb (United States Postal Service), Pamela D. Curtis, Nader Mehravari, David W. White

This report describes a new process area that ensures that mail is inducted into the U.S. domestic mail stream according to USPS standards and requirements.

January 2014 - Technical Note A Proven Method for Identifying Security Gaps in International Postal and Transportation Critical Infrastructure

Topics: Cyber Risk and Resilience Management

Authors: Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

In this report, the authors describe a method of identifying physical security gaps in international mail processing centers and similar facilities.

December 2012 - Technical Note Analyzing Cases of Resilience Success and Failure - A Research Study

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Pamela D. Curtis, Andrew P. Moore, Nader Mehravari, Kevin G. Partridge, Robert W. Stoddard, Randall F. Trzeciak

In this report, the authors describe research aimed at helping organizations to know the business value of implementing resilience processes and practices.

December 2011 - Technical Note Using Defined Processes as a Context for Resilience Measures

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Pamela D. Curtis, Linda Parker Gates

In this report, the authors describe how implementation-level processes can provide context for identifying and defining measures of operational resilience.

October 2011 - Podcast Measuring Operational Resilience

Topics: Measurement and Analysis, Cyber Risk and Resilience Management

Authors: Julia H. Allen, Pamela D. Curtis

In this podcast, Julia Allen explains that measures of operational resilience should answer key questions, inform decisions, and affect behavior.

July 2011 - Technical Report Measures for Managing Operational Resilience

Topics: Cyber Risk and Resilience Management, Measurement and Analysis

Authors: Julia H. Allen, Pamela D. Curtis

In this report, the Resilient Enterprise Management (REM) team suggests a set of top ten strategic measures for managing operational resilience.

May 2010 - Technical Report CERT Resilience Management Model, Version 1.0

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, Julia H. Allen, Pamela D. Curtis, David W. White, Lisa R. Young

In this report, the authors present CERT-RMM, an approach to managing operational resilience in complex, risk-evolving environments.