Charles M. Wallen
CERT Division, Software Engineering Institute
Charles M. Wallen has been a thought leader in operations and IT risk management for over 20 years. He has provided consulting to public and private organizations, led industry-wide initiatives, and managed global operations risk management and governance programs at American Express and Bank of America.
Charles works closely with the CERT Division of Carnegie Mellon University’s Software Engineering Institute as a Senior Member of the Technical Staff. His work at CERT focuses on resilience management, external dependency risk management, and critical infrastructure protection. He is a Principal with Spectrum Consulting Services, in Dallas, Texas, which he formed in 2004. Spectrum provides management consulting to a variety of industries, specializing in operations risk management, cybersecurity, business continuity, supplier oversight, and governance.
Publications by Charles M. Wallen
-
Cloud Increases the Role of Acquisition in Cybersecurity
April 06, 2020 • Article
Carol Woody, PhDChristopher J. AlbertsJohn Klein
This article describes how an organization might address cybersecurity when it adopts cloud technology to replace physical data centers and monitoring and testing can no longer be performed directly on the equipment the system uses.
read -
Cyber Hygiene: A Baseline Set of Practices
November 15, 2017 • Presentation
Matthew TrevorsCharles M. Wallen
The CERT Division's Cybersecurity Hygiene is a set of 11 practice areas for managing the most common and pervasive cybersecurity risks faced by organizations.
read -
Assessing DoD System Acquisition Supply Chain Risk Management
May 01, 2017 • Article
Christopher J. AlbertsJohn HallerCharles M. Wallen
In this Crosstalk article, the authors discuss the growing challenge of cyber risks in the defense supply chain.
read -
Managing Third Party Risk in Financial Services Organizations: A Resilience-Based Approach
September 27, 2016 • White Paper
John HallerCharles M. Wallen
A resilience-based approach can help financial services organizations to manage cybersecurity risks from outsourcing and comply with federal regulations.
read -
Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes
May 01, 2007 • Technical Report
Richard A. CaralliJames F. StevensCharles M. Wallen (Financial Services Technology Consortium)
In this 2007 report, the authors explore the transformation of security and business continuity into processes to support and sustain operational resiliency.
read -
Resiliency Engineering Framework Project Update
October 11, 2006 • Presentation
David W. WhiteCharles M. Wallen (Financial Services Technology Consortium)
This presentation provides an update of the Resiliency Engineering Framework project being conducted by the Software Engineering Institute's CERT program. It was delivered by David White and Charles Wallen at the FSTC annual meeting on October 11, 2006.
read -
Operational Resiliency Management: An Introduction to the Resiliency Engineering Framework
September 20, 2006 • Presentation
Richard A. CaralliCharles M. Wallen (Financial Services Technology Consortium)
In this presentation, Ron McLeod discusses a partnership with TARA to analyze the outbound and inbound traffic in networks of convenience.
read