Describes the Cybersecurity Program Progress Metric and how its implementation in a large, diverse U.S. national organization can serve to indicate progress toward improving cybersecurity and resilience capabilities.
Topics: Risk and Opportunity Management
This webinar described a CISO organizational structure and functions for a typical large, diverse organization using input from CISOs, policies, frameworks, maturity models, standards, and codes of practice.
In this podcast, Nader Mehravari and Julia Allen, members of the CERT Cyber Risk Management team, discuss an effective approach for defining a CISO team structure and functions for large, diverse organizations.
The authors describe how they defined a CISO team structure and functions for a national organization using sources such as CISOs, policies, and lessons learned from cybersecurity incidents.
This report describes how the CERT-RMM enabled the USPIS to implement an innovative approach for achieving complex international mail export control objectives.
This report describes a new process area that ensures that international mail is transported according to Universal Postal Union standards.
This report describes a new process area that ensures that the USPS is compensated for mail that is accepted, transported, and delivered.
This report describes a new process area that ensures that mail is inducted into the U.S. domestic mail stream according to USPS standards and requirements.
Watch Nader Mehravari discuss "Recent Federal Policies Affecting the Cybersecurity and Resiliency Landscape" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain
Watch Nader Mehravari discuss the "ABCs of Operational Resilience" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain.
Watch Nader Mehravari discuss “Everything You Always Wanted to Know About Maturity Models” from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain.
ES-C2M2 helps improve the operational resilience of the U.S. power grid.
In this report, the authors describe how to improve the resilience of U.S. Postal Service products and services
In this report, the authors describe a method of identifying physical security gaps in international mail processing centers and similar facilities.
In this paper, Nader Mehravari shares practical and successful applications of CERT-RMM from a wide variety of organizations.
In this August 2013 webinar, Nader Mehravari discusses how to protect and sustain the mission and business operations of an organization.
In this podcast, the participants describe four experience reports that demonstrate how the CERT-RMM can be applied to manage operational risks.
In this podcast, Nader Mehravari describes how governments and markets are calling for the integration of plans for and responses to disruptive events.
In this podcast, Nader Mehravari describes how today's high-risk, global, fast, and very public business environment demands a more integrated approach.
In this report, the authors describe research aimed at helping organizations to know the business value of implementing resilience processes and practices.
In this presentation, the authors describe using CERT-RMM to improve business continuity, IT disaster recovery, crisis management, and pandemic-planning.