Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


SEI Technologies Forum: Measuring Operational Resilience

  • Watch

    Loading the video......
  • Abstract

    Traditional operational security metrics such as number of machines patched, vulnerability scan results, number of incidents, and number of staff trained are easy to collect and can be useful. However, if your objectives are to inform decisions, affect behavior, and determine control effectiveness in support of business objectives, you'll need to consider a set of more strategic resilience measures. This presentation suggests 10 such measures and a means for deriving them.

    Julia Allen

    Allen is a principal researcher within the CERT Program at the SEI. Allen's areas of interest include operational resilience, software security and assurance, and measurement and analysis. Prior to this technical assignment, Allen served as acting director of the SEI for an interim period of six months as well as deputy director/chief operating officer for three years. She earned a bachelor's degree in computer Science from the University of Michigan and a master's degree in electrical engineering from the University of Southern California. Allen is the author of The CERT Guide to System and Network Security Practices (Addison-Wesley 2001) and moderator for the CERT Podcast Series: Security for Business Leaders. She is a co-author of Software Security Engineering: A Guide for Project Managers (Addison-Wesley 2008) and CERT Resilience Management Model (RMM): A Maturity Model for Managing Operational Resilience (Addison-Wesley 2011).

  • Slides