Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

James F. Stevens
June 2014 - Webinar Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management, Smart Grid Maturity Model

Authors: James F. Stevens

Watch James Stevens discuss the "Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain

September 2009 - Audio The Smart Grid: Managing Electrical Power Distribution and Use

Topics: Smart Grid Maturity Model, Cyber Risk and Resilience Management

Authors: Julia H. Allen, James F. Stevens

The smart grid is the use of digital technology to modernize the power grid, which comes with some new privacy and security challenges.

September 2009 - Podcast The Smart Grid: Managing Electrical Power Distribution and Use

Topics: Cyber Risk and Resilience Management

Authors: James F. Stevens, Julia H. Allen

In this podcast, James Stevens explains how using the smart grid comes with some new privacy and security challenges.

March 2009 - Presentation The Confluence of Physical and Cyber Security Management

Topics: Cybersecurity Engineering

Authors: Samuel A. Merrell, James F. Stevens

In this presentation, Sam Merrell and James Stevens describe an integrate view of security that includes both physical security and cybersecurity.

May 2007 - Technical Report Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Charles M. Wallen (Financial Services Technology Consortium), David W. White, William R. Wilson, Lisa R. Young

In this 2007 report, the authors explore the transformation of security and business continuity into processes to support and sustain operational resiliency.

May 2007 - Technical Report Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Lisa R. Young, William R. Wilson

In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.

November 2005 - Presentation Focus on Resiliency: A Process-Oriented Approach to Security

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens

In this presentation, the authors describe a process-oriented approach to security.

June 2005 - Technical Note Information Asset Profiling

Topics: Cyber Risk and Resilience Management

Authors: James F. Stevens, Richard A. Caralli, Bradford J. Willke

In this 2005 report, the authors describe IAP, a documented and repeatable process for developing consistent asset profiles.

January 2005 - Handbook OCTAVE-S Implementation Guide, Version 1

Topics: Cyber Risk and Resilience Management

Authors: Cecilia Albert, Audrey J. Dorofee, James F. Stevens, Carol Woody

In this 2005 handbook, the authors provide detailed guidelines for conducting an OCTAVE-S evaluation.

December 2004 - Technical Note Managing for Enterprise Security

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, Julia H. Allen, James F. Stevens, Bradford J. Willke, William R. Wilson

In this 2004 report, the authors itemize characteristics of common approaches to security that limit effectiveness and success.

July 2004 - Technical Report The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management

Topics: Cyber Risk and Resilience Management

Authors: Richard A. Caralli, James F. Stevens, Bradford J. Willke, William R. Wilson

In this report, the authors describe the critical success factor method and present theories and experience in applying it to enterprise security management.

August 2003 - User's Guide Introduction to the OCTAVE Approach

Topics: Cyber Risk and Resilience Management

Authors: Christopher J. Alberts, Audrey J. Dorofee, James F. Stevens, Carol Woody

In this 2003 report, the authors describe the OCTAVE method, an approach for managing information security risks.