During this fiscal year, SEI staff members participated in 342 interviews with members of the news media. Articles appeared in more than 100 different publications, including The New York Times, The Wall Street Journal, The Washington Post, and USA Today. Staff members provided information about such topics as cyberterrorism, software quality and liability, and computer security incidents and vulnerabilities.

A selected bibliography of articles that resulted from interviews with SEI staff members follows.

Business Week   |   “Commentary: The Best Way to Make Software Secure: Liability.” March 18, 2002. Although people talk of improving computer security, they rarely discuss the most common problem. Poorly written software is the root cause of many security breaches. References CERT® Coordination Center (CERT/CC), quotes Marty Lindner.  |  “A Chat with Worm Hunter Richard Pethia.” Oct. 23, 2001. Richard Pethia discusses security breaches and viruses on the Internet in a question-and-answer session.

CIO Magazine  |  “Who’s on Your Network?” Sept. 15, 2002. This article about intrusion detection systems quotes Julia Allen and refers to the CERT/CC.

Computerworld  |  “Privacy Bill Includes Security Rules.” Sept. 27, 2002. The CERT/CC is cited as a threat-warning service that businesses might participate in under bill H.R. 4678.

Federal Computer Week  |  “E-gov Security Gateway in Works.” May 27, 2002. The General Services Administration is using an SEI assessment approach, e-Authentication risk and requirements analysis (e-RA), to analyze risks associated with a “security gateway” for e-government. This gateway will provide a single authentication point for vendors, citizens, and government employees who want to engage in transactions with the government.  |  “Filling the Infosec Ranks.” Aug. 12, 2002. Carnegie Mellon University is helping colleges and universities train the next generation of information security professionals. This article mentions the CERT/CC’s role in this project.

Forbes Magazine  |  “Attack of the Clones.” June 10, 2002. This article about the Klez virus cites CERT/CC software vulnerability statistics.

IDG News Service  |  “CERT: Security Incidents More Than Double in 2001.” Jan. 11, 2002. The number of security incidents reported to the CERT/CC more than doubled in 2001 compared with the previous year, according to CERT/CC figures.

Information Week  |  “Hackers Attacking Routers in Greater Numbers.” Oct. 31, 2001. Kevin Houle of the CERT/CC explains that, although the tactic of hacking routers hasn’t become widespread, it’s the beginning of a new phenomenon.

Los Angeles Times  |  “FBI Warns of Hacker Attacks from Europe.” Aug. 7, 2002. This article about the FBI warning about possible attacks on Web sites and Internet providers mentions the CERT/CC and quotes Marty Lindner.

MIT Technical Review  |  “Why Software Is So Bad.” June 18, 2002. This article about the state of software engineering quotes SEI Fellow Watts Humphrey.

New York Stock Exchange Magazine  |  “Cyber Risk.” May 2002. This article about cyberterrorism and trends in computer attacks includes references to the CERT/CC and quotes Tom Longstaff.

The New York Times  |  “Computer Security Experts Warn of Internet Vulnerability.” Feb. 13, 2002. The CERT Coordination Center (CERT/CC) issued a warning about vulnerabilities involving the Simple Network Management Protocol (SNMP), a method for transferring data over computer networks. Quotes Shawn Hernan.  |  “Cyberspace Seen as Potential Battleground.” Nov. 23, 2001. Government officials are warning that cyber attacks are likely as retribution for the United States campaign in Afghanistan. The CERT/CC published a memorandum outlining the nature of the new, brawnier attacks. Quotes Kevin Houle and Jeffrey A. Hunker (dean of Carnegie Mellon’s Heinz School).

Newsfactor Network  |  “As Threat of Cyber Attacks Grows, Security Specialists Blame Faulty Software.” Aug. 21, 2002. This article about the role of software quality in cyber attacks quotes Watts Humphrey extensively and mentions the SEI.

Newsweek  |  “Hacking Grows with Internet Use.” March 15, 2002. As Internet usage grows at home and at work, computer security breaches have also risen significantly—particularly in the past few years. Mentions the CERT/CC.

Pittsburgh Post-Gazette  |  “Program Helps Smaller Manufacturers Boost Productivity—and Morale.” Sept. 22, 2002. This article covers the SEI TIDE Program, citing Magdic Precision Tooling’s collaboration with the program.

Scientific American  |  “Survival in an Insecure World.” May 2002. This article gives a brief background of David Fisher and discusses his work with the CERT/CC’s Easel project. Mentioning Richard Pethia and Timothy Shimeall, the article emphasizes the importance of simulating unbounded systems.

USA Today  |  “Research Group Finds Holes in Net Security.” Feb. 12, 2002. The CERT/CC issued a warning about flaws in the simple network management protocol discovered last year by researchers at the University of Finland. Quotes Shawn Hernan.

Wall Street Journal  |  “’Goner’ Computer Virus Disrupts Operations at Some Corporations.” Dec. 5, 2001. Antivirus companies scrambled to protect their customers against a new computer virus, dubbed “Goner,” which deleted system files and clogged networks across the globe. Quotes Marty Lindner of the CERT/CC.

Washington Post  |  “Executives Advised to Take Role in Internet Security.” July 24, 2002. This article about the Internet Security Alliance’s guide for protecting organizations’ vulnerable networks and content references the SEI and CERT/CC and quotes Richard Pethia.  |  “Key Players in US Government’s Cybersecurity Efforts.” Sept. 18, 2002. Pethia was cited as a “key player” in the government’s cybersecurity efforts. Other key players include Richard Clarke, John Tritak, Ron Dick, and Phil Bond.