Data breaches are a routine occurrence and organizations often view a breach as not a matter of if, but rather matter of when. Breaches can be financially lucrative for adversaries. All organizations, regardless of their size, industry and/or geographical location are potential targets. To that point, adversaries are determined and have a seemingly endless supply…
Series: CSIAC Webinars
CSIAC offers free webinars on a regular basis with experts in the technical subject areas of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management/Information Sharing.
Subscribe to receive an email notification when registration is open for new webinars.
Social Engineering
In cybersecurity, social engineering is the term used to define cyber criminals and rogue nation states that employ schemes designed to trick unsuspecting users into divulging proprietary information and corporate data. Social engineering tactics present unique challenges to organizations and individuals alike. The digital world provides a wide threat landscape for social engineers to conduct…
Resilient Cloud Services: Design, Analysis and Evaluation
Current advances in computing, networking and software technology will lead to the development of cyberspace (“cloud”) services that are ubiquitous and will revolutionize all aspects of our life. The delivery of these services will require cyberspace resources that are highly resilient. This presentation will review the development of a Resilient Cloud Services (RCS) Methodology. RCS…
Cyber Information Sharing and Public Policy
The US Senate is currently debating a vote on its thirteenth major cybersecurity information sharing bill. It is important to understand why the government is being so persistent pursuing such policy and why the previous twelve bills have failed. The reasons to pursue such a bill can be compared to the reasons that we have…
Using Unified Code Count (UCC) for Data Collection
Understanding the software development process and gathering data and metrics on the process is an important step to making better-informed cost and effort estimates, improving processes, and making good decisions. UCC (Unified Code Count) is a comprehensive SLOC (software lines of code) counter, and also provides metrics such as Cyclomatic Complexity and difference metrics between…
Cloud Attacks, Threats, and Defenses
As organizations migrate critical services to the cloud, adversaries gain increasing incentive to gain access to these environments. Attacks against cloud environments can range from traditional exploits against an instance to complex, low-level attacks against the underlying infrastructure. This webinar will provide an overview of cloud attacks, drawing directly upon expertise demonstrating vulnerabilities in these…
Cloud Computing and the Government Sector Understanding the Cloud Architecture and Requirements
Adoption of cloud computing requires a thorough understanding of its purpose, characteristics, underlying technologies, service models, and the standards that govern its deployment. This webinar will discuss the fundamental features of cloud computing, service models, deployment models, business models, and provide a brief overview of major providers. Further discussion will focus on the interpretation and…
The Building Security In Maturity Model (BSIMM)
The Building Security In Maturity Model (BSIMM, pronounced “bee simm”) is designed to help you understand, measure, and plan a software security initiative. The BSIMM-V was created by observing and analyzing real-world data from sixty-seven software security initiatives. It is freely available and is licensed under the Creative Commons Attribution-Share Alike 3.0 License. The BSIMM…
Heartbleed: Making On-line Security Popular with the Masses
On April first 2014, a severe flaw in an OpenSSL cryptographic library was publicly announced. Unfortunately, this was no April Fool’s joke and the vulnerability proceeded to capture the attention of security professionals and average internet users alike. This webinar will discuss the details of the vulnerability, how it affects the average internet user, and…
Certifying Security Testers
Recent significant security failures – affecting commercial, educational, and government systems – highlight the damage caused by inadequate cybersecurity. Such risks can be reduced through more thoughtful design and implementation of critical systems, but appraisals are also necessary to provide adequate confidence in these systems. Testing is a key appraisal activity. This presentation starts with…
