Samuel A. Merrell
Software Engineering Institute
Sam Merrell is an SEI alumni employee.
Sam Merrell is a member of the technical staff in the CERT Program at the Software Engineering Institute (SEI). As a part of the Survivable Enterprise Management Team, Merrell works with organizations to improve their information security management practices. This work has included FISMA compliance efforts and analysis of information security programs of Federal agencies. He is currently working on Critical Information Infrastructure Protection projects within the U.S. as well as internationally. Prior to joining the SEI, Merrell spent seven years as the Information Technology Manager for a Pittsburgh-area community bank. Prior to that, he was an information technology consultant, primarily supporting the IBM AS/400. Merrell holds an undergraduate degree from the University of Pittsburgh and holds the CISSP certification as well as the SANS GGSC certificate.
Publications by Samuel A. Merrell
-
Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0
April 01, 2011 • Technical Report
John HallerSamuel A. MerrellMatthew J. Butkovic
In this 2011 report, an update to its 2010 counterpart, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read -
Public-Private Partnerships: Essential for National Cyber Security
November 30, 2010 • Podcast
Samuel A. MerrellJohn HallerPhilip Huff (Arkansas Electric Cooperative Corporation)
In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex systems function as intended.
learn more -
Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability
June 01, 2010 • Special Report
John HallerSamuel A. MerrellMatthew J. Butkovic
In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.
read -
The Confluence of Physical and Cyber Security Management
March 01, 2009 • Presentation
Samuel A. MerrellJames F. Stevens
In this presentation, Sam Merrell and James Stevens describe an integrate view of security that includes both physical security and cybersecurity.
read -
Initiating a Security Metrics Program: Key Points to Consider
March 18, 2008 • Podcast
Samuel A. MerrellJulia H. Allen
In this podcast, Samuel Merrell explains that a sound security metrics program should select data relevant to consumers from repeatable processes.
learn more -
FISMA and Metrics
October 25, 2007 • Presentation
Samuel A. Merrell
This presentation discusses the importance of implementing a metrics program and how such an implementation relates to the Federal Information Security Management Act (FISMA).
read