search menu icon-carat-right cmu-wordmark

News Archive

Looking for older news stories? Check the archives: 2019, 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011 and older.

Christian Science Monitor: Bradley Manning Case Signals US Vulnerability to 'Insider' Cyberattack

Christian Science Monitor: Bradley Manning Case Signals US Vulnerability to 'Insider' Cyberattack

December, 22 2011 • Media Coverage

Dawn Cappelli discusses how insider attacks are a consistent threat for many organizations and shares different types of insider attacks and what can be done to mitigate them.

Read More
SEI Releases the 2011 Smart Grid Maturity Model Update

SEI Releases the 2011 Smart Grid Maturity Model Update

December, 13 2011 • Press Release

The SEI released the 2011 Smart Grid Maturity Model (SGMM) update. The update announces Version 1.2 enhancements to the entire product suite and provides updates on the worldwide community of SGMM users and partners.

Read More
SYS-CON.com: US Cyber Command Conducts Tactical Cyber Exercise

SYS-CON.com: US Cyber Command Conducts Tactical Cyber Exercise

December, 06 2011 • Media Coverage

XNET was used to train cyber and IT professionals during the Cyber Flag 12-1 cyber exercise.

Read More
Government Computer News: Congress Mulls Clearinghouse for Sharing Cyber Threat Info

Government Computer News: Congress Mulls Clearinghouse for Sharing Cyber Threat Info

December, 06 2011 • Media Coverage

Greg Shannon testified about draft legislation to create a clearinghouse for cybersecurity and threat information.

Read More
Cisco and CERT Team Up to Promote Adoption of Secure C Coding Standard

Cisco and CERT Team Up to Promote Adoption of Secure C Coding Standard

November, 16 2011 • Media Coverage

Cisco Systems, Inc. has announced it has adopted the CERT® C Secure Coding Standard as a baseline programming standard in its product development.

Read More
Health Data Management: Information Insecurity, Inside Edition

Health Data Management: Information Insecurity, Inside Edition

September, 29 2011 • Media Coverage

Randy Trzeciak, Technical Team Lead of Insider Threat Outreach and Transition at CERT, shares guidelines that organizations should follow to protect themselves from insider threats.

Read More
SEI Director Paul Nielsen Promotes the Work of the SEI and Heinz College in Australia

SEI Director Paul Nielsen Promotes the Work of the SEI and Heinz College in Australia

September, 22 2011 • Article

SEI Director Paul Nielsen recently completed a visit to Australia where he met with top Australian officials in higher education, government, finance, the Australian military, and the Australian defense industry.

Read More
The NCFTA: Combining Forces to Fight Cyber Crime

The NCFTA: Combining Forces to Fight Cyber Crime

September, 16 2011 • Media Coverage

NCFTA draws its intelligence from hundreds of private-sector members including the CERT Division.

Read More
eWeek: UBS Rogue Trader Underscores Insider Threats Facing Enterprises

eWeek: UBS Rogue Trader Underscores Insider Threats Facing Enterprises

September, 15 2011 • Media Coverage

CERT Chief Scientist Greg Shannon testified about the continued threat of insider attacks to the nation's enterprises.

Read More
CERT Secure Coding Team Publishes Secure Coding Standard for Java

CERT Secure Coding Team Publishes Secure Coding Standard for Java

September, 14 2011 • Article

A team of software security researchers in the CERT Program at the SEI has authored The CERT Oracle Secure Coding Standard for Java.

Read More
NextGov: Cyber Breaches at Financial Firms Increasingly are Inside Jobs

NextGov: Cyber Breaches at Financial Firms Increasingly are Inside Jobs

September, 14 2011 • Media Coverage

Greg Shannon testified to a House subcommittee on Financial Services that the continued stress of the economy on the workplace has exacerbated the potential for insider threat.

Read More
SGMM Navigators Guide Utilities in Their Smart Grid Transformation

SGMM Navigators Guide Utilities in Their Smart Grid Transformation

August, 29 2011 • Article

The SEI Smart Grid Maturity Model team recently introduced the Smart Grid Maturity Model (SGMM) Navigation process to help utilities adopt SGMM and modernize the electric power grid.

Read More
Radiology Today: Finding Holes in IT Security — Your Own People May Be the Biggest Risk

Radiology Today: Finding Holes in IT Security — Your Own People May Be the Biggest Risk

August, 01 2011 • Media Coverage

Randy Trzeciak of the CERT Insider Threat Center warns that insiders pose threats to healthcare organizations as the use of electronic medical records continues to increase.

Read More
SEI Research Team Drives Edge-Enabled App Programming to Tactical Handheld Devices

SEI Research Team Drives Edge-Enabled App Programming to Tactical Handheld Devices

July, 18 2011 • Article

RTSS researchers are working to provide user-controlled system adaptation to first responders, warfighters, and others working with handheld devices in tactical environments.

Read More
CERT Hosts Sixth Annual Meeting of CSIRTs with National Responsibility

CERT Hosts Sixth Annual Meeting of CSIRTs with National Responsibility

July, 08 2011 • Article

Representatives from the SEI's CERT Program recently hosted the 2011 Annual Meeting of Computer Security Incident Response Teams (CSIRTs) with National Responsibility in Vienna, Austria.

Read More
Delegates Discuss Global Excellence in Software and Security at SEPG Europe 2011

Delegates Discuss Global Excellence in Software and Security at SEPG Europe 2011

June, 16 2011 • Article

Dublin, Ireland, hosted the Carnegie Mellon Software Engineering Institute (SEI) and more than 150 delegates for SEPG Europe 2011 on June 7-9. Delegates from 27 countries participated in discussions regarding Global Excellence in Software and Security.

Read More
MIT Technology Review: U.S. Military, Businesses Seek Better Defenses on the Inside

MIT Technology Review: U.S. Military, Businesses Seek Better Defenses on the Inside

June, 08 2011 • Media Coverage

Joji Montelibano, who leads the CERT insider-threat technical team discusses the prevalence of insider attacks and research his team is doing to help organizations mitigate insider threats.

Read More
CERT Launches Resilience Users Group

CERT Launches Resilience Users Group

June, 07 2011 • Article

The CERT program has launched an innovative new program designed to help organizations become more resilient in the face of operational disruption and stress.

Read More
CERT Uses XNET to Deliver Forensics Challenge

CERT Uses XNET to Deliver Forensics Challenge

May, 31 2011 • Article

CERT recently added a forensics challenge to the 2011 NSA Cyber Defense Exercise.

Read More
Philadelphia Inquirer: Guarding Against Identity Theft Requires Much Vigilance

Philadelphia Inquirer: Guarding Against Identity Theft Requires Much Vigilance

May, 05 2011 • Media Coverage

Chad Dougherty shares tips on what technology users can do to guard against identity theft.

Read More
Forbes.com: CIA Investors Aim To Build A Pseudo-Gambling Market For Data Security Predictions

Forbes.com: CIA Investors Aim To Build A Pseudo-Gambling Market For Data Security Predictions

April, 26 2011 • Media Coverage

Researchers are using prediction markets to gain foresight into cryptography research, cyber threats, and data security-related regulation.

Read More
For the Record: Finding Holes in IT Security

For the Record: Finding Holes in IT Security

April, 25 2011 • Media Coverage

Randy Trzeciak, technical team lead for the Insider Threat Outreach and Transition group, discusses how insiders can pose a substantial security threat in healthcare organizations.

Read More
CSO Magazine: Insider Attacks Costly, but There's a Silver Lining

CSO Magazine: Insider Attacks Costly, but There's a Silver Lining

February, 03 2011 • Media Coverage

Joji Montelibano, of the CERT Insider Threat Center, discusses the results of the 2011 Cybersecurity Watch Survey with CSO magazine.

Read More
Computerworld: Security Fail: When Trusted IT People Go Bad

Computerworld: Security Fail: When Trusted IT People Go Bad

January, 18 2011 • Media Coverage

Dawn Cappelli shares common security mistakes companies make and how they can protect themselves against malicious insiders.

Read More
Software Engineering Institute Releases Version 1.3 of CMMI Product Suite

Software Engineering Institute Releases Version 1.3 of CMMI Product Suite

December, 28 2010 • Press Release

The SEI announces the release of the Capability Maturity Model Integration (CMMI) Version 1.3, which includes improvements to the entire product suite: CMMI for Development (CMMI-DEV), CMMI for Acquisition (CMMI-ACQ), and CMMI for Services (CMMI-SVC).

Read More
CERT Resilience Management Model Book Published by Addison-Wesley

CERT Resilience Management Model Book Published by Addison-Wesley

December, 14 2010 • Press Release

The CERT® Program of the Carnegie Mellon University Software Engineering Institute announced that the CERT Resilience Management Model (CERT®-RMM) Version 1.1 has been published by Addison-Wesley Professional.

Read More
Bank Info Security: Incident Response: Drafting the Team

Bank Info Security: Incident Response: Drafting the Team

November, 05 2010 • Media Coverage

CERT's Georgia Killcrece discusses the importance of creating an incident response team and the necessary skills incident response team members should have.

Read More
Bank Info Security: Incident Response Career Trends

Bank Info Security: Incident Response Career Trends

November, 03 2010 • Media Coverage

In the second part of a two-part discussion of incident response trends for 2011, Georgia Killcrece discusses skills needed today in incident response and how professionals can attain or refine those skills.

Read More
National Medal of Technology Winner Watts Humphrey, 1927 - 2010

National Medal of Technology Winner Watts Humphrey, 1927 - 2010

October, 28 2010 • Article

October 28, 2010—Watts Humphrey, founder of the Software Process Program at the Carnegie Mellon Software Engineering Institute (SEI) and recipient of the National Medal of Technology, died today at his home in Sarasota, Florida. He was 83. “Watts Humphre

Read More
Carnegie Mellon Software Engineering Institute Names New Program Director

Carnegie Mellon Software Engineering Institute Names New Program Director

October, 14 2010 • Press Release

The Carnegie Mellon University Software Engineering Institute (SEI) recently named Anita Carleton director of its Software Engineering Process Management (SEPM) Program.

Read More
More than 110 Attendees Gather for the TSP Symposium 2010

More than 110 Attendees Gather for the TSP Symposium 2010

September, 30 2010 • Article

Attendees from 15 U.S. states and 10 countries around the world visited Pittsburgh, the headquarters city for the Carnegie Mellon Software Engineering Institute, for the TSP Symposium 2010.

Read More
Fight Insider Threats with the Tools you Already Have

Fight Insider Threats with the Tools you Already Have

September, 27 2010 • Media Coverage

CERT's Michael Hanley and Dawn Cappelli offer tips and best practices for preventing and identifying malicious insider activity in a Network World story.

Read More
SEI Announces New Chief Technology Officer Dr. Douglas C. Schmidt

SEI Announces New Chief Technology Officer Dr. Douglas C. Schmidt

August, 03 2010 • Article

Dr. Douglas C. Schmidt has joined the SEI in its Arlington, Va., office as deputy director, research, and chief technology officer. Schmidt will lead the SEI in identifying and responding to the needs of sponsors, customers, and partners.

Read More
Carnegie Mellon Software Engineering Institute Announces New Chief Technology Officer

Carnegie Mellon Software Engineering Institute Announces New Chief Technology Officer

August, 03 2010 • Press Release

Dr. Douglas C. Schmidt has joined the SEI in its Arlington, Va., office as deputy director, research, and chief technology officer. Schmidt will lead the SEI in identifying and responding to the needs of sponsors, customers, and partners.

Read More
Database Admin Gets 12 Months For Hacking Employer

Database Admin Gets 12 Months For Hacking Employer

July, 08 2010 • Media Coverage

InformationWeek shared data from a study conducted by the U.S. Secret Service and the SEI CERT Insider Threat team.

Read More
SMART Evolves to Meet Range of Service-Oriented Architecture Needs

SMART Evolves to Meet Range of Service-Oriented Architecture Needs

July, 06 2010 • Article

SMART now stands for the SOA Migration, Adoption, and Reuse Technique. The new name reflects what Grace Lewis' team learned in the course of its work.

Read More
Carnegie Mellon Software Engineering Institute Receives Contract Extension From U.S. Government

Carnegie Mellon Software Engineering Institute Receives Contract Extension From U.S. Government

June, 30 2010 • Press Release

The Software Engineering Institute (SEI) at Carnegie Mellon University has received a five-year contract extension, with a face value of $584 million, from the U.S. government through June 2015.

Read More
Architecture Practitioners Gather to Discuss the Latest Techniques and Practices

Architecture Practitioners Gather to Discuss the Latest Techniques and Practices

June, 03 2010 • Article

Software, system, and enterprise architecture practitioners and experts from around the world convened from May 17 to 21 for the sixth annual SEI Architecture Technology User Network (SATURN) Conference.

Read More
SecureLive Startup Protects Websites, Reports Hackers

SecureLive Startup Protects Websites, Reports Hackers

May, 30 2010 • Media Coverage

Chad Dougherty comments on how developers protect websites from hackers who seek to exploit software vulnerabilities.

Read More
New Twist on Insider Crimes

New Twist on Insider Crimes

May, 04 2010 • Media Coverage

Andrew Moore, a senior member of the CERT technical staff, discusses insider crimes committed by trusted business partners and how companies can protect themselves.

Read More
Watts Humphrey Publishes New Book of Reflections on Management

Watts Humphrey Publishes New Book of Reflections on Management

May, 03 2010 • Article

A new book by Watts Humphrey, National Medal of Technology Winner & a senior fellow at the Carnegie Mellon Software Engineering Institute (SEI), has just been published by Addison-Wesley.

Read More
Board Game Gives Insights into Making Hard Choices in Architecture

Board Game Gives Insights into Making Hard Choices in Architecture

April, 08 2010 • Article

There are several ways to learn about software architecture. You could read Software Architecture Principles and Practices, Second Edition by Len Bass, Paul Clements, and Rick Kazman.

Read More
How to Prevent Identity Theft in Your Business

How to Prevent Identity Theft in Your Business

March, 30 2010 • Media Coverage

Larry Rogers shares tips on how businesses can keep private information secure.

Read More
Organizations Become First Strategic Partners for TSP

Organizations Become First Strategic Partners for TSP

March, 15 2010 • Article

Two highly respected organizations halfway around the world from each other recently signed agreements to become SEI strategic partners for the Team Software Process (TSP).

Read More
Paul D. Nielsen, CEO and Director of Carnegie Mellon SEI, Named to Esteemed National Academy of Engineering

Paul D. Nielsen, CEO and Director of Carnegie Mellon SEI, Named to Esteemed National Academy of Engineering

February, 18 2010 • Press Release

The Carnegie Mellon Software Engineering Institute announced today that Paul D. Nielsen has been elected to the National Academy of Engineering (NAE).

Read More
2010 Cybersecurity Watch Survey News Item

2010 Cybersecurity Watch Survey News Item

January, 25 2010 • Article

According to the 2010 CyberSecurity Watch Survey, threats to targeted organizations are increasing faster than many organizations can combat them.

Read More
SOA: Rumors of its Death More Than ‘Greatly Exaggerated’

SOA: Rumors of its Death More Than ‘Greatly Exaggerated’

January, 25 2010 • Article

Echoing writer Mark Twain and others, rumors of the death of service-oriented architecture (SOA) have been “greatly exaggerated.”

Read More
SEI Celebrates a Quarter Century of Leadership

SEI Celebrates a Quarter Century of Leadership

January, 19 2010 • Article

This year, the Carnegie Mellon Software Engineering Institute (SEI) will celebrate its 25th anniversary as a federally funded research and development center (FFRDC).

Read More
Cloud Computing: Finding the Silver Lining, Not the Silver Bullet

Cloud Computing: Finding the Silver Lining, Not the Silver Bullet

December, 09 2009 • Article

In recent months, technology news headlines have been dominated by cloud computing—a large-scale model in which computing power, software, storage services, and platforms are delivered on demand to external customers.

Read More
Creating a Framework for Reliability Validation

Creating a Framework for Reliability Validation

November, 24 2009 • Press Release

The SEI and the U.S. Army Aviation and Missile Research Development and Engineering Center recently began a 1-year engagement that aims to develop a approach to overcome deficiencies with the testing being done to validate software and system reliability.

Read More
CERT Tactical Response and Analysis Challenge Tests Cybersecurity Skills

CERT Tactical Response and Analysis Challenge Tests Cybersecurity Skills

November, 17 2009 • Media Coverage

A five-person team from Australia took first place in the 2009 Tactical Response and Analysis Challenge (TRAC).

Read More
DDJ.com: Secure Coding in C and C++

DDJ.com: Secure Coding in C and C++

September, 03 2009 • Media Coverage

Robert Seacord explains how coding errors can lead to vulnerabilities that can be exploited.

Read More
New York Times: Keeping That New PC Clean and Pure

New York Times: Keeping That New PC Clean and Pure

September, 03 2009 • Media Coverage

CERT vulnerability analyst Chad Dougherty suggests ways to keep your new computer free from malware and viruses.

Read More
Carnegie Mellon SEI and OMG Announce the Launch of CISQ—The Consortium for IT Software Quality (www.it-cisq.org)

Carnegie Mellon SEI and OMG Announce the Launch of CISQ—The Consortium for IT Software Quality (www.it-cisq.org)

August, 19 2009 • Press Release

Pittsburgh, PA, and Needham, MA, USA, August 19, 2009—The Carnegie Mellon Software Engineering Institute (SEI) and the Object Management Group (OMG) announced a partnership to sponsor the Consortium of IT Software Quality (CISQ).

Read More
Paul D. Nielsen Reappointed as SEI Director, CEO

Paul D. Nielsen Reappointed as SEI Director, CEO

July, 30 2009 • Press Release

Pittsburgh, PA, July 30, 2009—Paul D. Nielsen, director and CEO of the Carnegie Mellon Software Engineering Institute (SEI), has been reappointed to a second five-year term.

Read More
Secure Coding in C and C++: Efforts Lead to Book, Course, Community, Coding Standard

Secure Coding in C and C++: Efforts Lead to Book, Course, Community, Coding Standard

July, 17 2009 • Article

It's a frequent yet unintended mistake among software developers. A software developer copies a string in memory, but in doing so, unwittingly creates a vulnerability that can be exploited by an attacker to execute malicious code.

Read More
The New York Times: Gadgetwise Blog: Is Your PC Security Up to Date?

The New York Times: Gadgetwise Blog: Is Your PC Security Up to Date?

May, 16 2009 • Media Coverage

CERT vulnerability analyst Chad Dougherty explains why it's important to keep software up to date.

Read More
Carnegie Mellon Software Engineering Institute and IBM Launch Smart Grid Framework

Carnegie Mellon Software Engineering Institute and IBM Launch Smart Grid Framework

March, 30 2009 • Press Release

s progressive utilities around the globe modernize power grids with digital technology, executives want to know that making the grid smarter is the right thing to do and they want to know how to do it.

Read More
CERT Secure Coding Standards Improve the Quality and Security of Commercial Software Products

CERT Secure Coding Standards Improve the Quality and Security of Commercial Software Products

October, 28 2008 • Press Release

Society's increased dependency on networked software systems has been matched by an increase in the number of attacks aimed at these systems.

Read More
Carnegie Mellon Software Engineering Institute Announces Release of the CERT Resiliency Engineering Framework

Carnegie Mellon Software Engineering Institute Announces Release of the CERT Resiliency Engineering Framework

March, 26 2008 • Press Release

The Carnegie Mellon Software Engineering Institute (SEI) CERT Program, together with the Financial Services Technology Consortium (FSTC), today announced the availability of the CERT® Resiliency Engineering Framework.

Read More
CERT Computer Forensics Team at Carnegie Mellon Software Engineering Institute Recognized by Congressmen Murtha, Doyle and Altmire

CERT Computer Forensics Team at Carnegie Mellon Software Engineering Institute Recognized by Congressmen Murtha, Doyle and Altmire

February, 04 2008 • Press Release

U.S. House of Representatives recognized the CERT® Program at Carnegie Mellon University's Software Engineering Institute efforts during a visit to the university.

Read More
2007 E-Crime Watch Survey

2007 E-Crime Watch Survey

September, 11 2007 • Press Release

Results of the 2007 E-Crime Watch Survey reveal that while security events and electronic crimes were steady, there are concerns that security executives may be becoming over confident.

Read More
Carnegie Mellon® Software Engineering Institute Announces New Program Integration Directorate Director

Carnegie Mellon® Software Engineering Institute Announces New Program Integration Directorate Director

May, 14 2007 • Press Release

The Carnegie Mellon Software Engineering Institute (SEI) announced that John R. Bramer joined the SEI as the director of the SEI's Program Integration Directorate, the business development function of the SEI.

Read More
2006 E-Crime Watch Survey News Item

2006 E-Crime Watch Survey News Item

September, 06 2006 • Article

The 2006 E-Crime Watch Survey indicates that while there has been a decline in security events, there has been an increase in the financial and operational losses caused by such incidents.

Read More
SEI Publishes Report on Software Challenge of the Future

SEI Publishes Report on Software Challenge of the Future

July, 10 2006 • Press Release

The Carnegie Mellon® Software Engineering Institute (SEI) announced publication of Ultra-Large-Scale Systems: The Software Challenge of the Future (ISBN 0-9786956-0-7).

Read More
CERT Coordination Center Partners With Qatar’s Supreme Council to Battle Cyber Risks

CERT Coordination Center Partners With Qatar’s Supreme Council to Battle Cyber Risks

December, 15 2005 • Press Release

—The Carnegie Mellon® Software Engineering Institute (SEI) CERT® Coordination Center (CERT/CC) and the Qatar Supreme Council for Information and Communications Technology (ictQATAR) announced a partnership to establish Qatar CERT (Q-CERT).

Read More
Build Security In

Build Security In

October, 03 2005 • Press Release

The Department of Homeland Security and Carnegie Mellon® Software Engineering Institute (SEI) launched a secure, web-based software assurance portal called Build Security In (BSI).

Read More
2005 E-Crime Watch Survey News Item

2005 E-Crime Watch Survey News Item

May, 03 2005 • Article

Results from the 2005 E-Crime Watch Survey, conducted among security executives and law enforcement personnel, reveals the fight against electronic crimes (e-crimes) may be paying off.

Read More
Carnegie Mellon Software Engineering Institute’s Watts Humphrey Awarded Prestigious National Medal of Technology

Carnegie Mellon Software Engineering Institute’s Watts Humphrey Awarded Prestigious National Medal of Technology

February, 15 2005 • Press Release

Watts S. Humphrey, a fellow of the Carnegie Mellon Software Engineering Institute (SEI) has been awarded the 2003 National Medal of Technology, the highest honor awarded by the President of the United States to America's leading innovators.

Read More
Secret Service and CERT Release Report Analyzing Acts of Insider Sabotage Via Computer Systems in Critical Infrastructure Sectors

Secret Service and CERT Release Report Analyzing Acts of Insider Sabotage Via Computer Systems in Critical Infrastructure Sectors

January, 01 2005 • Press Release

Second in a Series of Reports Focusing on Insider Threats to Information Systems and Data in Critical Infrastructure Sectors

Read More
Secret Service and CERT Release Report Analyzing Acts of Insider Sabotage Via Computer Systems in Critical Infrastructure Sectors

Secret Service and CERT Release Report Analyzing Acts of Insider Sabotage Via Computer Systems in Critical Infrastructure Sectors

January, 01 2005 • Article

Second in a Series of Reports Focusing on Insider Threats to Information Systems and Data in Critical Infrastructure Sectors

Read More
Secret Service and CERT® Coordination Center Release Comprehensive Report Analyzing Insider Threats to Banking and Finance Sector

Secret Service and CERT® Coordination Center Release Comprehensive Report Analyzing Insider Threats to Banking and Finance Sector

August, 24 2004 • Press Release

This is the first of a Series of Reports to Focus on Threats to Information Systems and Data in Critical Infrastructure Sectors.

Read More
U.S. Department of Homeland Security Announces   Partnership with Carnegie Mellon’s CERT Coordination Center

U.S. Department of Homeland Security Announces Partnership with Carnegie Mellon’s CERT Coordination Center

September, 15 2003 • Press Release

Carnegie Mellon University and the Department of Homeland Security (DHS) announced a partnership with the university's CERT® Coordination Center (CERT/CC).

Read More
Internet Security Experts in the United States and Australia Join Forces

Internet Security Experts in the United States and Australia Join Forces

August, 03 2001 • Press Release

Two of the world's leading Internet security groups have signed a collaborative agreement to formalize their working partnership.

Read More
U.S. Government Renews Contract with Carnegie Mellon Software Engineering Institute

U.S. Government Renews Contract with Carnegie Mellon Software Engineering Institute

June, 21 2000 • Press Release

The U.S. government has renewed its contract with the Software Engineering Institute (SEI).

Read More