Bradford J. Willke
Software Engineering Institute
Publications by Bradford J. Willke
-
Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0
April 01, 2011 • Technical Report
John HallerSamuel A. MerrellMatthew J. Butkovic
In this 2011 report, an update to its 2010 counterpart, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read -
Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability
June 01, 2010 • Special Report
John HallerSamuel A. MerrellMatthew J. Butkovic
In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read -
Managing Risk to Critical Infrastructures at the National Level
August 05, 2008 • Podcast
Bradford J. WillkeJulia H. Allen
In this podcast, Bradford Willke explain how protecting critical infrastructures and the information they use are essential for preserving our way of life.
learn more -
Management and Education of the Risk of Insider Threat (MERIT): System Dynamics Modeling of Computer System
May 01, 2008 • White Paper
Dawn CappelliAkash G. Desai (Information Networking Institute, Carnegie Mellon University)Andrew P. Moore
In this paper, the authors describe the MERIT insider threat model and simulation results.
read -
Insider Threat Study: Illicit Cyber Activity in the Government Sector
January 01, 2008 • White Paper
Eileen Kowalski (United States Secret Service)Dawn CappelliBradford J. Willke
In this paper, the authors present the findings of a research effort to examine reported insider incidents in the government sector.
read -
Management and Education of the Risk of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers Information, Systems, or Networks
March 01, 2007 • Technical Note
Dawn CappelliAkash G. Desai (Information Networking Institute, Carnegie Mellon University)Andrew P. Moore
In this 2006 report, the authors describe MERIT insider threat model and simulation results.
read -
Information Asset Profiling
June 01, 2005 • Technical Note
James F. StevensRichard A. CaralliBradford J. Willke
In this 2005 report, the authors describe IAP, a documented and repeatable process for developing consistent asset profiles.
read -
Managing for Enterprise Security
December 01, 2004 • Technical Note
Richard A. CaralliJulia H. AllenJames F. Stevens
In this 2004 report, the authors itemize characteristics of common approaches to security that limit effectiveness and success.
read -
The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management
July 01, 2004 • Technical Report
Richard A. CaralliJames F. StevensBradford J. Willke
In this report, the authors describe the critical success factor method and present theories and experience in applying it to enterprise security management.
read