« More News Stories
Group to help businesses assess threats, respond to incidents, and improve security posture
June 7, 2011—The Carnegie Mellon Software Engineering Institute CERT program has launched an innovative new program designed to assist organizations in becoming more resilient in the face of operational disruption and stress. Members from government, financial, commercial, and academic organizations such as the United States Postal Inspection Service, Discover Financial Services, Lockheed Martin, and Carnegie Mellon University are participating in four two-day workshops designed with hands-on activities to assess operational resilience, identify areas of improvement, and implement improvement plans using the CERT Resilience Management Model (CERT-RMM) as the guide.
“Focusing on operational resilience as a target ensures that security and continuity activities are effective and support strategic objectives. During these workshops, members will attain practical skills for improving security and continuity practices and be exposed to what works in other organizations. Through collaboration, members can leave each workshop session with improved confidence that their security and continuity activities are effective,” said Richard Caralli, technical manager of the CERT Resilient Enterprise Management Team.
CERT-RMM is a maturity model for improving operational resilience. It focuses on 26 key process areas that span the security, business continuity, and IT operations domains and four areas of operational resilience management: enterprise, engineering, operations, and process management. Maturity is expressed in capability levels: the extent to which operational resilience processes and practices have been acculturated and institutionalized.
Institutionalized processes are more likely to be retained during times of stress—the times when the organization must perform confidently, predictably, and consistently. Details about the CERT-RMM Users Group Workshop may be found on the SEI website. As a step toward understanding and improving operational resiliency, organizations are invited to participate in the upcoming workshops. For more information, contact email@example.com.