Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Menu
Home Digital Library Samuel A. Merrell

Digital Library

Samuel A. Merrell

Author

Samuel A. Merrell

2429

Software Engineering Institute
Sam Merrell is a member of the technical staff in the CERT Program at the Software Engineering Institute (SEI). As a part of the Survivable Enterprise Management Team, Merrell works with organizations to improve their information security management practices. This work has included FISMA compliance efforts and analysis of information security programs of Federal agencies. He is currently working on Critical Information Infrastructure Protection projects within the U.S. as well as internationally. Prior to joining the SEI, Merrell spent seven years as the Information Technology Manager for a Pittsburgh-area community bank. Prior to that, he was an information technology consultant, primarily supporting the IBM AS/400. Merrell holds an undergraduate degree from the University of Pittsburgh and holds the CISSP certification as well as the SANS GGSC certificate.

June 2013 - Video Cybersecurity HIE Roundtable Discussion

Topics: Cybersecurity Engineering, Cyber Risk and Resilience Management

This presentation at The CERT Symposium on Cyber Security Incident Management for Health Information Exchanges was delivered on June 26, 2013.

June 2013 - Video Cybersecurity HIE Welcome and Overview

Topics: Cybersecurity Engineering, Cyber Risk and Resilience Management

In this video, Sam Merrell welcomes attendees at The CERT Symposium on Cyber Security Incident Management for Health Information Exchanges.

April 2011 - Technical Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

Topics: Incident Management

In this 2011 report, an update to its 2010 counterpart, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.

November 2010 - Podcast Public-Private Partnerships: Essential for National Cyber Security

In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex systems function as intended.

June 2010 - Special Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

Topics: Incident Management

In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.

March 2009 - Presentation The Confluence of Physical and Cyber Security Management

Topics: Cybersecurity Engineering

In this presentation, Sam Merrell and James Stevens describe an integrate view of security that includes both physical security and cybersecurity.

March 2008 - Podcast Initiating a Security Metrics Program: Key Points to Consider

Topics: Measurement and Analysis

In this podcast, Samuel Merrell explains that a sound security metrics program should select data relevant to consumers from repeatable processes.

October 2007 - Presentation FISMA and Metrics

Topics: Measurement and Analysis

This presentation discusses the importance of implementing a metrics program and how such an implementation relates to the Federal Information Security Management Act (FISMA).