Media Coverage
August 11, 2008
Washington Post: San Francisco Case Shows Vulnerability Of Data Networks
CERT's Dawn Cappelli is quoted on the dangers of insider threat. MORE >>
May 19, 2008
Pittsburgh Business Times: Keeping Information Secure Requires Planning, Vigilance
CERT's Julia Allen explains how businesses should plan and prioritize their assets to increase security. MORE >>
May 19, 2008
Pittsburgh Business Times: Protecting Data from Danger
Dawn Cappelli, CERT's insider threat team lead, discusses how insider threats from company employees are becoming increasingly common. CERT's Nick Ianelli is also quoted on emerging malware trends. MORE >>
May 19, 2008
ITWorld.com: Developing More Secure Software - Getting Started
Julia Allen, a senior member of CERT's technical staff, takes an excerpt from the book Software Security Engineering to outline what project managers responsible for software development need to do. MORE >>
April 28, 2008
Federal Computer Week: Cybersecurity's New World Order
Jeff Carpenter, CERT/CC's technical manager, is quoted in this article. MORE >>
April 10, 2008
Computer Weekly: Spot the Warning Signs of Inisder Attacks
According to CERT's Dawn Cappelli, insider attacks on corporate information are highly predictable, but nearly half of companies face losses because they ignore the warning signs. MORE >>
April 10, 2008
The Register Developer: Old People Can Sabotoge Software Too
CERT's Dawn Cappelli discusses the common characteristics of disgruntled employees and their potential risk to their organizations. MORE >>
April 10, 2008
Pittsburgh Tribune-Review: CMU Team Zeros in on Electronic Thieves
Dawn Cappelli, CERT's team lead for insider threat, discusses the insider theft of confidential and sensitive information such as Social Security and credit card numbers, personally identifiable information and industrial espionage and how it is a growing concern to both industry and government. MORE >>
March 20, 2008
Wall Street Journal: What's Your Favorite Security Question?
CERT's Jason Rafail makes recommendations on how to securely manage online passwords. MORE >>
March 17, 2008
SC Magazine: Adobe, Cisco Advisories Warn of "Critical" Vulnerabilities
CERT vulnerability analyst Will Dormann talks about what the vulnerabilties will do, how to prevent them, and recent trends. MORE >>
March 10, 2008
NetworkWorld: Security Must Evolve, CERT Official Says
Lisa Young, a senior member of the CERT technical staff, explains how the Resiliency Engineering Framework guides security strategy. MORE >>
February 29, 2008
Solutions-Daily.com: SMART Ultra-Large-Scale Systems Forum
The SMART Conference, hosted by the SEI to highlight the Institute's research on ultra-large-scale (ULS) systems, is profiled. MORE >>
February 19, 2008
InfoWorld: Be Prepared - ActiveX Attacks Will Persist
Will Dormann, a CERT vulnerability analyst, is quoted in this article on the risks created by flaws in technology, poor development practices, and a large user base. MORE >>
February 19, 2008
Dr. Dobb's Journal: Agile CMMI?
This article looks at how agile software development and CMMI work together. MORE >>
January 31, 2008
eWeek.com: Caught in a (Real) Security Bind
CERT vulnerability analyst Chad Dougherty is quoted in this artcile about dealing with hacker attacks. MORE >>
January 18, 2008
CIOZone: Wal-Mart Spying - Good, Bad, or Just the Future?
Robin Ruefle, a member of the CERT technical staff, describes why it's important to be prepared to handle security incidents. MORE >>
December 6, 2007
NetworkWorld: Podcasts Busting Out at CERT/CC
CERT has a phenomenal resource for everyone interested in changing attitudes about information assurance. MORE >>
November 12, 2007
Computer Weekly.com: General Motors Oils Supply Chain with Web 2.0 Lessons
This article outlines how the SEI's CMMI-ACQ model allows GM's main IT suppliers to work together without the need for GM to manage the relationship. MORE >>
November 9, 2007
Pittsburgh-Tribune Review: CMU, Pitt Attract Millions for Military Work
The SEI's role in developing best practices for all aspects of software engineering is profiled. MORE >>
November 8, 2007
ComputerWorld: Defense Dept. and GM Back Purchasing Standards for Software and Services
Two of the world's largest consumers of technology, General Motors Corp. and the U.S. Department of Defense, are backing CMMI for Acquisition, a set of best practices for buying software and services, which they believe will reduce risks and costs of IT projects. MORE >>
November 8, 2007
InformationWeek: General Motors CIO Promotes Procurement Standards
Ralph Szygenda says CMMI for Acquisition helps the automaker juggles multiple service vendors employing a total of 15,000 IT professionals worldwide. MORE >>
November 8, 2007
DDJ.com: CMU Intros Master Program for Software Engineering Management
A collaborative effort from Carnegie Mellon's School of Computer Science, the Heinz School of Public Policy and Management, and the SEI, the degree program offers a multi-disciplinary view of software engineering for managers. MORE >>
November 8, 2007
Pittsburgh Tribune-Review: FBI Chief Lauds City's Cyber-Crime Fight
FBI Director Mueller applauds CERT's efforts against the threat of cyber-terrorism MORE >>
November 8, 2007
Pittsburgh Post-Gazette: FBI Chief Warns of Cyber Crime Dangers
FBI Director Robert Mueller visited Pittsburgh yesterday to tour CERT and addressed the changing nature of cyber crime, and the ways federal law enforcement is fighting it. MORE >>
November 7, 2007
DDJ.com: SEI Announces CMMI-based Best Practices Model for Acquiring IT
The SEI, along with General Motors' Information Systems and Services, HP, Capgemini, and the U.S. government, has announced a comprehensive new best-practices model called CMMI for Acquisition that it believes will revolutionize the way governments and businesses worldwide acquire or outsource their software-intensive systems and services. MORE >>
November 7, 2007
ThePittsburghChannel.com: Director of FBI in Pittsburgh to Address Cyber-Terrorism
While in Pittsburgh, FBI Director Robert Mueller spoke about CERT's contributions to the cyber war on terror. MORE >>
November 5, 2007
Dark Reading: The Devils in the Design
Dawn Cappelli, CERT's team lead for insider threat, discusses how organizations can work to avoid sabotage from their own software developers. MORE >>
November 5, 2007
Pittsburgh Business Times: CMU Unveils New Masters Program
The master of science in information technology and software engineering management degree will take a multi-disciplinary approach to management training and will incorporate SEI courses. MORE >>
October 28, 2007
ZDNet: Stopping Failure In Its Tracks
SEI Fellow Watts S. Humphrey's Surviving Failure is used to demonstrate how to prevent failure. MORE >>
October 26, 2007
IEEE Distributed Systems: Stepping Up to Long-Term Research
The SEI report Ultra-Large-Scale Systems: The Software Challenge of the Future is featured. MORE >>
October 23, 2007
NPR's Future Tense: Denial of Service Attacks 101
In this interview, Nick Ianelli describes denial of services attacks. Ianelli is a member of the technical staff at CERT. MORE >>
October 19, 2007
ComputerWeekly.com: How to Implement Role-Based Access Control
Dawn Cappelli, CERT's team lead for insider threat, discusses how many companies aren’t adequately aligning their security needs with their IT security and how it can lead to vulnerabilities. MORE >>
October 10, 2007
Government Executive Magazine: Shadow IT
CERT's Marty Lindner offers a common sense solution for IT restrictions. MORE >>
October 10, 2007
IEEE Computer: Web 2.0 Creates Security Challenges
Will Dormann, a CERT vulnerability analyst, discusses why Web 2.0 sites carry more risk than traditional web sites. MORE >>
October 3, 2007
Pittsburgh Post-Gazette: Online Computer Gaming Provides Anti-Scam Groups with Even More Reasons to Worry
Jason Milletary, a CERT Internet security analyst, speaks about online criminal activity. MORE >>
October 2, 2007
Internetnews.com: CERT Fortifies Code Analysis
Beyond just identifying security problems, CERT is also concerned with helping developers eliminate security problems before they occur. MORE >>
October 2, 2007
Dark Reading: CERT Advances Secure Coding Standards
This article details CERT's work to automate the checking compliance process with its secure coding standards. Robert Seacord, a senior vulnerability analyst, is quoted. MORE >>
October 2, 2007
DDJ.com: Fortify, CERT/CC Team Up for Secure C, C++
Robert Seacord, a senior vulnerability analyst at CERT, is quoted in this article about the work being done to eliminate vulnerabilities before applications are deployed. MORE >>
October 1, 2007
IEEE Security and Privacy Magazine: Optimizing Investments in Security Countermeasures
CERT's Nancy Mead and Carnegie Mellon's Jonathan Caulkins teamed up with CMU Information Network Institute Alumni Hassan Osman and Eric D. Hough to present a tool and methodology they developed to help software engineers and their client make security decisions when resources are limited. MORE >>