The Security Engineering Risk Analysis (SERA) Method defines a systematic approach for evaluating cybersecurity risk in highly complex networked environments. The SERA Method uses a scenario-based approach to analyze how an attacker could leverage available attack vectors and technology vulnerabilities to compromise confidentiality, integrity, and availability of mission-critical data and impact operational mission success. SERA can be applied at any point in the lifecycle to construct cyber-risk scenarios that show how the technology within a system and its context including supply chains and trusted connections in a system-of-systems provides opportunities for attackers to disrupt mission execution. Analysis of the scenarios will determine what risks are critical and which controls are important to reduce mission impact.
CSIAC Webinars - Security Engineering Risk Analysis (SERA): Connecting Technology Risk To Mission Impact
Please see our terms of use located here: https://www.csiac.org/csiac-terms-of-use/
Presenter

Dr. Woody, I really enjoyed your presentation. The SERA approach is very thoughtful, multi-faceted tool that can allow a number of analysis approaches to be “merged” in with it.
You had me at the the “system thread” approach and tracing it back to the mission or operational contexts. Great approach.
Thank You, Charles McMahon
AFLCMC Systems/Cybersecurity Engineer