Samuel A. Merrell

Software Engineering Institute

Sam Merrell is a member of the technical staff in the CERT Program at the Software Engineering Institute (SEI). As a part of the Survivable Enterprise Management Team, Merrell works with organizations to improve their information security management practices. This work has included FISMA compliance efforts and analysis of information security programs of Federal agencies. He is currently working on Critical Information Infrastructure Protection projects within the U.S. as well as internationally. Prior to joining the SEI, Merrell spent seven years as the Information Technology Manager for a Pittsburgh-area community bank. Prior to that, he was an information technology consultant, primarily supporting the IBM AS/400. Merrell holds an undergraduate degree from the University of Pittsburgh and holds the CISSP certification as well as the SANS GGSC certificate.

Publications by Samuel A. Merrell

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

April 01, 2011 • Technical Report

John Haller Samuel A. Merrell Matthew J. Butkovic

In this 2011 report, an update to its 2010 counterpart, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read
Public-Private Partnerships: Essential for National Cyber Security

November 30, 2010 • Podcast

Samuel A. Merrell John Haller Philip Huff (Arkansas Electric Cooperative Corporation)

In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex systems function as intended.
learn more
Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

June 01, 2010 • Special Report

John Haller Samuel A. Merrell Matthew J. Butkovic

In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read
The Confluence of Physical and Cyber Security Management

March 01, 2009 • Presentation

Samuel A. Merrell James F. Stevens

In this presentation, Sam Merrell and James Stevens describe an integrate view of security that includes both physical security and cybersecurity.
read
Initiating a Security Metrics Program: Key Points to Consider

March 18, 2008 • Podcast

Samuel A. Merrell Julia H. Allen

In this podcast, Samuel Merrell explains that a sound security metrics program should select data relevant to consumers from repeatable processes.
learn more
FISMA and Metrics

October 25, 2007 • Presentation

Samuel A. Merrell

This presentation discusses the importance of implementing a metrics program and how such an implementation relates to the Federal Information Security Management Act (FISMA).
read

Samuel A. Merrell

Software Engineering Institute

Publications by Samuel A. Merrell

April 01, 2011 • Technical Report

November 30, 2010 • Podcast

June 01, 2010 • Special Report

March 01, 2009 • Presentation

March 18, 2008 • Podcast

October 25, 2007 • Presentation