Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Samuel J. Perl
December 2018 - Technical Report Incident Management Capability Assessment

Topics: Incident Management

Managing incidents that threaten an organization's computer security is complex. The capabilities presented here provide a benchmark of incident management practices.

December 2016 - Technical Report The Critical Role of Positive Incentives for Reducing Insider Threats

Topics: Insider Threat

This report describes how positive incentives complement traditional practices to provide a better balance for organizations' insider threat programs.

May 2016 - Technical Report An Insider Threat Indicator Ontology

Topics: Insider Threat

This report presents an ontology for insider threat indicators, describes how the ontology was developed, and outlines the process by which it was validated.

August 2015 - Podcast Capturing the Expertise of Cybersecurity Incident Handlers

Topics: Incident Management

In this podcast, Dr. Richard Young, a professor with CMU, and Sam Perl, a member of the CERT Division, discuss their research on how expert cybersecurity incident handlers react when faced with an incident.

November 2014 - Conference Paper An Incident Management Ontology

Topics: Incident Management

In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.

November 2014 - Conference Paper An Ontology for Insider Threat Indicators

Topics: Insider Threat

In this paper, the authors describe their ongoing development of an insider threat indicator ontology.