Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

William R. Wilson
March 2009 - Webinar The Age of the Smart Grid is Here

Topics: Process Improvement, Smart Grid Maturity Model, Cyber Risk and Resilience Management

Authors: William R. Wilson

This 2009 webinar marks the formal launching of a framework developed by CMU and the SEI which provides utilities with a roadmap through their smart grid transformation.

November 2007 - Podcast The Path from Information Security Risk Assessment to Compliance

Topics: Cyber Risk and Resilience Management

Authors: William R. Wilson, Julia H. Allen

In this podcast, William Wilson explains how an information security risk assessment, performed with operational risk management, can contribute to compliance.

July 2007 - Podcast Using Standards to Build an Information Security Program

Authors: William R. Wilson, Julia H. Allen

In this podcast, William Wilson explains how business leaders can use international standards to create a business- and risk-based information security program.

May 2007 - Technical Report Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Charles M. Wallen (Financial Services Technology Consortium), David W. White, William R. Wilson, Lisa R. Young

In this 2007 report, the authors explore the transformation of security and business continuity into processes to support and sustain operational resiliency.

May 2007 - Technical Report Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Lisa R. Young, William R. Wilson

In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.

December 2004 - Technical Note Managing for Enterprise Security

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, Julia H. Allen, James F. Stevens, Bradford J. Willke, William R. Wilson

In this 2004 report, the authors itemize characteristics of common approaches to security that limit effectiveness and success.

July 2004 - Technical Report The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Bradford J. Willke, William R. Wilson

In this report, the authors describe the critical success factor method and present theories and experience in applying it to enterprise security management.

April 2004 - Presentation Building a Practical Framework for Enterprise-Wide Security Management

Topics: Cyber Risk and Resilience Management

Authors: Julia H. Allen, Kevin Behr (IP Services and ITPI), Richard A. Caralli, Eileen C. Forrester, Gene Kim (IP Services and ITPI), Larry Rogers, Jeannine Siviy, William R. Wilson

In this presentation, the authors describe a practical framework for enterprise-wide security management as developed by the CERT Division.

January 2004 - Presentation Maturing Your Approach to "Security Management"

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, William R. Wilson

In this presentation, the authors describe the challenges in assuring security, roadblocks that security approaches face, and how to solve these problems.

January 2004 - Presentation Applying Critical Success Factors to Information Security Planning

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, William R. Wilson

In this presentation, the authors discuss critical success factors and their use in security management, and provide development and analysis examples.

September 1999 - Technical Report Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0

Topics: Cyber Risk and Resilience Management, Cybersecurity Engineering

Authors: Christopher J. Alberts, Sandra Behrens, Richard D. Pethia, William R. Wilson

The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a framework for identifying and managing information security risks.

February 1999 - Security Improvement Module Responding to Intrusions

Authors: Klaus-Peter Kossakowski, William R. Wilson, Julia H. Allen, Cecilia Albert, Cory Cohen, Gary Ford, Barbara Fraser, Eric Hayes, John Kochmar, Suresh Konda

This 1999 report is one of a series of SEI publications that are intended to provide practical guidance to help organizations improve the security of their networked computer systems. This report is intended for system and network administrators, managers of information systems, and security personnel responsible for networked information resources.