Steve Porter is an Engineering Fellow at Raytheon IIS. Steve is a subject matter expert on DevOps, Infrastructure as Code, Cloud Computing, and infrastructure architectures. He has worked at Raytheon for twenty-four years supporting a variety of domestic and international programs. Steve has a Master of Science in Cyber Security Management degree from Purdue University Global and Bachelor of Science in Engineering Technology degree from the University of Northern Iowa. Steve is a Raytheon Certified Architect.
Podcasts / Webinars
The CSIAC Podcast » Assessing the Operational Risk Imposed by the Infrastructure Deployment Pipeline
A generalized Infrastructure Deployment Pipeline (IDP) reference architecture is presented to assist with risk assessment and mitigation. An experiment was conducted to determine if application of the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) can mitigate the risks inherent to the IDP workflow process. The author concludes that while the NIST CSF does largely mitigate IDP cybersecurity risks, additional controls are still required to fully assure cybersecurity for the CD process.