Capturing the Expertise of Cybersecurity Incident Handlers

August 27, 2015 • Podcast

By

Samuel J. Perl, Richard O. Young, and Julia H. Allen

In this podcast, Dr. Richard Young, a professor with CMU, and Sam Perl, a member of the CERT Division, discuss their research on how expert cybersecurity incident handlers react when faced with an incident.

Publisher

Software Engineering Institute

Subjects

Incident Management

Listen

Abstract

In this podcast, Dr. Richard Young, a professor with Carnegie Mellon’s Tepper School of Business, teams with Sam Perl, a member of the CERT Division’s Enterprise Threat and Vulnerability Management team, to discuss their research on how expert cybersecurity incident handlers think, learn, and act when faced with an incident.

The research study focuses on critical cognitive factors that such experts use to make decisions when faced with a complex incident, including how to deal with critical information that is missing. Study results may be used to enhance the knowledge and skills of less experienced responders.

About the Speaker

Samuel J. Perl

Samuel J. Perl is a member of the CSIRT (Computer Security Incident Response Team) development team within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has been with CERT since 2011 and has worked in a variety of areas, …

Richard O. Young

Julia H. Allen

Julia Allen is an SEI alumni employee.

Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical assignment, …

Software Engineering Institute