Cybersecurity SLAs: Managing Requirements at Arm’s Length - GRC-F42

Samuel Merrell, Member of the Technical Staff, Carnegie Mellon University, Software Engineering Institute, CERT
Matthew Butkovic, Team Lead-Critical Infrastructure Protection, Carnegie Mellon University

As a part of the Infrastructure Resilience Team at CERT®, Samuel Merrell works with the U.S. Department of Homeland Security to assist Critical Infrastructure and Key Resource owners and operators to improve their information security management practices. This work has included co-developing a cybersecurity diagnostic assessment that has been used by DHS hundreds of times across the 18 Critical Infrastructure sectors. Merrell is also a co-author of the Department of Energy’s Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2).


Matthew Butkovic leads critical infrastructure protection efforts within the Infrastructure Resilience team of the CERT Program at the Software Engineering Institute. As a member of the team, Butkovic performs critical infrastructure protection research and develops methods, tools and techniques for managing risk. He has more than 15 years of managerial and technical experience in information technology (particularly information systems security, process design and audit) across the banking and manufacturing sectors. Prior to joining CERT in 2010, he was leading information security and business continuity efforts for a Fortune 500 manufacturing organization. He is a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).

Speaker

Headshot

Samuel Merrell Member of the Technical Staff, Carnegie Mellon University, Software Engineering Institute, CERT

← View more Podcasts

This document was retrieved from http://www.rsaconference.com/podcasts/33/cybersecurity-slas-managing-requirements-at-arms on Thu, 18 Dec 2014 00:38:31 -0500.
© 2014 EMC Corporation. All rights reserved.