Mapping the FFIEC Cybersecurity Assessment Tool (CAT) to the CRR
To help financial institutions assess their cyber resilience, we mapped FFIEC CAT statements to Cyber Resilience Review (CRR) questions.
Video Highlights Recent SEI STEM Efforts
Features recent high school cyber-kinetic exercise and SEI's wider initiative to encourage young people to consider careers in STEM fields.
Seven Principles for Software Assurance
Seven Principles for acquiring, building, deploying, and sustaining software systems to achieve a desired level of confidence for software assurance.
Becoming a CISO: Formal and Informal Requirements
The role of a chief information security officer is needed in all organizations regardless of the size or type of business.
Why Netflow Data Still Matters
With more devices connecting to the Internet, networks are larger and faster than ever before. This blog post explores the vital role that network flow plays in the future of network security and analysis.
Managing Third Party Risks to Financial Services Organizations
A resilience-based approach can help financial services organizations to manage cyber risks from outsourcing and comply with federal cybersecurity regulations.
CERT Director Richard Pethia Retires
Cybersecurity Advocate Piloted CERT through Decades of Growth and Change
NEWS
-
Video Highlights Recent SEI STEM Efforts
Article - 11/02/2016
CERT Division at a Glance
We were there for the first internet security incident and we’re still here more than 25 years later. Only now, we’ve expanded our expertise from incident response to a comprehensive, proactive approach to securing networked systems. The CERT Division is part of the Software Engineering Institute, which is based at Carnegie Mellon University. We are the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and are a national asset in the field of cybersecurity.
Learn More About the CERT Division:
RECENT VULNERABILITIES
-
VU#974055: iTrack Easy contains multiple vulnerabilities
Original Release date - 10/25/2016 -
VU#402847: Zizai Tech Nut contains multiple vulnerabilities
Original Release date - 10/25/2016 -
VU#617567: TrackR Bravo contains multiple vulnerabilities
Original Release date - 10/25/2016 - Report a Vulnerability
PUBLICATIONS
- A Scorecard for Cyber Resilience: What We Have Observed In this presentation the speakers discuss the Cyber Resilience Review (CRR). Presentation - 11/03/2016
- A Mapping of the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) to the Cyber Resilience Review (CRR) To help financial organizations assess cyber resilience, we map FFIEC Cybersecurity Assessment Tool (CAT) statements to Cyber Resilience Review (CRR) questions. Technical Note - 10/25/2016
- Managing Third Party Risk in Financial Services Organizations: A Resilience-Based Approach A resilience-based approach can help financial services organizations to manage cybersecurity risks from outsourcing and comply with federal regulations. White Paper - 09/27/2016
EVENTS
-
FloCon 2017
The FloCon network security conference provides a forum for large-scale network flow analytics.
Conferences - 01/09/2017