Dawn Cappelli
Senior Member of Technical Staff
CERT Program

Dawn Cappelli is a Senior Member of the Technical Staff in CERT at Carnegie Mellon University's Software Engineering Institute (SEI). She has over 25 years experience in software engineering, including programming, technical project management, information security, and research. She is technical lead of CERTs insider threat research, including the Insider Threat Study conducted jointly by the U.S. Secret Service and CERT.

One current focus of the CERT insider threat team is use of modeling and simulation to analyze and communicate the complexity of the insider threat problem. Specifically, the team has produced the MERIT (Management and Education of the Risk of Insider Threat) model of insider IT sabotage. The MERIT model demonstrates the impacts of policy decisions, technical security measures, psychological issues, and organizational culture on risk of insider threat over time. The team also recently used system dynamics modeling to compare insider IT sabotage and espionage for the DOD's Personnel Security Research Center (PERSEREC).

In another current project, MERIT InterActive, the team is working with the Carnegie Mellon Entertainment Technology Center to develop an insider threat training simulation that immerses users in a realistic business setting from which they make decisions regarding how to prevent, detect, and respond to insider actions and see the impacts of their decisions in terms of key performance metrics.

Ms. Cappelli regularly presents at national conferences, and is also adjunct professor in Carnegie Mellons Heinz School of Public Policy and Management. Ms. Cappelli has been with Carnegie Mellon since 1988.

Professional Background

Before joining CERT in 2001, Cappelli was the Director of Engineering for the Information Technology Development Center of the Carnegie Mellon Research Institute (CMRI). While with CMRI, she was a technical and program manager for a variety of information networking projects. These projects included the design and development of large-scale databases and Internet-based systems that adhered to data privacy and security requirements, the design and implementation of multi-organizational portals for preparation and response to Weapons of Mass Destruction and collaboration among public health department epidemiologists, and the design and development of a networked media solution for remote collaboration between teachers of children with special needs and consultants. Previously she worked in Computing Services at Carnegie Mellon University where she led several teams in the areas of web application development, database development, and networked media. Cappelli began her career at Carnegie Mellon University (CMU) in the Information Technology Department at the SEI, managing development of various web and database applications, as well as managing the redesign of the SEI's website by an interdisciplinary project team.

Prior to her career at CMU, Cappelli worked for Westinghouse Electric Corporation. While at Westinghouse, she designed and developed systems for nuclear power plants, including real-time graphical user interface systems for power plant operators and Computer-Aided Engineering systems for nuclear plant designers.

Education

BS in Mathematics and Computer Science from the University of Pittsburgh