Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

John Haller
May 2017 - Article Assessing DoD System Acquisition Supply Chain Risk Management

Topics: Cybersecurity Engineering, Acquisition Support, Risk and Opportunity Management

Authors: John Haller, Charles M. Wallen, Carol Woody, PhD, Christopher J. Alberts

In this Crosstalk article, the authors discuss the growing challenge of cyber risks in the defense supply chain.

September 2016 - White Paper Managing Third Party Risk in Financial Services Organizations: A Resilience-Based Approach

Topics: Cyber Risk and Resilience Management

Authors: John Haller, Charles M. Wallen

A resilience-based approach can help financial services organizations to manage cybersecurity risks from outsourcing and comply with federal regulations.

July 2016 - Podcast Global Value Chain – An Expanded View of the ICT Supply Chain

Topics: Cyber Risk and Resilience Management

Authors: Edna M. Conway (Cisco Systems, Inc.), John Haller, Lisa R. Young

In this podcast, Edna Conway and John Haller discuss the global value chain for organizations and critical infrastructures and how this expanded view can be used to improve ICT supply chain management, including risks to the supply chain.

July 2016 - Video SEI Cyber Minute: Using Smart Service Level Agreements (SLAs)

Authors: John Haller

John Haller discusses "Using Smart SLAs."

March 2015 - Podcast Supply Chain Risk Management: Managing Third Party and External Dependency Risk

Topics: Cyber Risk and Resilience Management

Authors: John Haller, Matthew J. Butkovic, Julia H. Allen

In this podcast, Matt Butkovic and John Haller discuss approaches for more effectively managing supply chain risks, focusing on risks arising from “external entities that provide, sustain, or operate Information and Communications Technology (ICT)."

December 2014 - Webinar Lessons in External Dependency and Supply Chain Risk Management

Topics: Cyber Risk and Resilience Management

Authors: John Haller, Matthew J. Butkovic

In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities.

June 2014 - Webinar Cybersecurity Update

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management

Authors: John Haller

Watch John Haller discuss the "Cybersecurity Update" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain.

March 2013 - White Paper Identifying a Shared Mental Model Among Incident Responders

Topics: Incident Management

Authors: Robert Floodeen, John Haller, Brett Tjaden

In this paper, the authors explore how effective communication might be improved by the development of a mental model internalized by the group's technical staff prior to an incident.

April 2011 - Technical Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

Topics: Incident Management

Authors: John Haller, Samuel A. Merrell, Matthew J. Butkovic, Bradford J. Willke

In this 2011 report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.

November 2010 - Podcast Public-Private Partnerships: Essential for National Cyber Security

Authors: Samuel A. Merrell, John Haller, Philip Huff (Arkansas Electric Cooperative Corporation), Julia H. Allen

In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex systems function as intended.

August 2010 - Podcast Establishing a National Computer Security Incident Response Team (CSIRT)

Topics: Incident Management

Authors: Jeffrey J. Carpenter, John Haller, Julia H. Allen

In this podcast, participants discuss how essential a national CSIRT is for protecting national and economic security and continuity.

June 2010 - Special Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

Topics: Incident Management

Authors: John Haller, Samuel A. Merrell, Matthew J. Butkovic, Bradford J. Willke

In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.