SEI Podcasts

Nov 24, 2020

Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. ATO is based on the National Institute of Standards and Technology’s Risk Management Framework (NIST 800-37). In this podcast, Shane Ficorilli and Hasan...


Nov 9, 2020

A pervasive belief in software engineering is that some programmers are much, much better than others (the times-10, or 10x, programmer), and that the skills, abilities, and talents of these programmers exert an outsized influence on their organization’s success or failure. Bill Nichols, a researcher with the Carnegie...


Oct 27, 2020

Many organizations use the Common Vulnerability Scoring System (CVSS) to prioritize actions during vulnerability management. This podcast—which highlights the latest work in prioritizing actions during vulnerability management—presents a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that avoids...


Oct 13, 2020

The Cybersecurity Maturity Model Certification (CMMC) for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. The CMMC model draws on maturity processes and...


Oct 7, 2020

The Cybersecurity Maturity Model Certification (CMMC) for Defense Industrial Base (DIB) suppliers defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. The CMMC model draws on maturity processes and...