Software Engineering Institute (SEI) Podcast Series

Members of Technical Staff at the Software Engineering Institute•www.sei.cmu.edu

Technology

Science

The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.

Last refreshed: July 28th, 2025 at 8:34 AM ⓘ

Follow this podcast in the Metacast mobile app to refresh it and see new episodes.

Follow on

Apple Podcasts

Spotify

RSS

Podcasts are better in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episodes

Train for the Unexpected

Being able to respond effectively when faced with a disruptive event requires that staff members learn to become more resilient. Listen on Apple Podcasts .

Mar 03, 2010•26 min

The Role of the CISO in Developing More Secure Software

CISOs must leave no room for anyone to deny that they understand what is expected of them when developing secure software. Listen on Apple Podcasts .

Mar 02, 2010•27 min

Computer and Network Forensics: A Master's Level Curriculum

Students learn how to combine multiple facets of digital forensics and draw conclusions to support full-scale investigations. Related Training Advanced Incident Handling Advanced Information Security for Technical Staff Listen on Apple Podcasts .

Feb 02, 2010•25 min

Introducing the Smart Grid Maturity Model (SGMM)

The SGMM provides a roadmap to guide an organization's transformation to the smart grid. Listen on Apple Podcasts .

Jan 12, 2010•26 min

Leveraging Security Policies and Procedures for Electronic Evidence Discovery

Being able to effectively respond to e-discovery requests depends on well-defined, enacted policies, procedures, and processes. Listen on Apple Podcasts .

Jan 09, 2010•26 min

Integrating Privacy Practices into the Software Development Life Cycle

Addressing privacy during software development is just as important as addressing security. Listen on Apple Podcasts .

Dec 22, 2009•17 min

Using the Facts to Protect Enterprise Networks: CERT's NetSA Team

Network defenders and business leaders can use NetSA measures and evidence to better protect their networks. Listen on Apple Podcasts .

Dec 01, 2009•22 min

Ensuring Continuity of Operations When Business Is Disrupted

Providing critical services during times of stress depends on documented, tested business continuity plans. Related Course Introduction to CERT Resiliency Management Model Listen on Apple Podcasts .

Nov 10, 2009•21 min

Managing Relationships with Business Partners to Achieve Operational Resiliency

A defined, managed process for third party relationships is essential, particularly when business is disrupted. Related Course Introduction to CERT Resiliency Management Model Listen on Apple Podcasts .

Oct 20, 2009•27 min

The Smart Grid: Managing Electrical Power Distribution and Use

The smart grid is the use of digital technology to modernize the power grid, which comes with some new privacy and security challenges. Listen on Apple Podcasts .

Sep 29, 2009•20 min

Electronic Health Records: Challenges for Patient Privacy and Security

Electronic health records (EHRs) are possibly the most complicated area of IT today, more difficult than defense. Listen on Apple Podcasts .

Sep 08, 2009•26 min

Mitigating Insider Threat: New and Improved Practices

Two hundred and eighty-two cases of actual insider attacks suggest 16 best practices for preventing and detecting insider threat. Listen on Apple Podcasts .

Aug 18, 2009•36 min

Rethinking Risk Management

Business leaders need new approaches to address multi-enterprise, systems of systems risks across the life cycle and supply chain. Related Courses Assessing Information Security Risk Using the OCTAVE Practical Risk Management: Framework and Methods Listen on Apple Podcasts .

Jul 07, 2009•30 min

The Upside and Downside of Security in the Cloud

When considering cloud services, business leaders need to weigh the economic benefits against the security and privacy risks. Listen on Apple Podcasts .

Jun 16, 2009•28 min

More Targeted, Sophisticated Attacks: Where to Pay Attention

Business leaders need to take action to better mitigate sophisticated social engineering attacks. Listen on Apple Podcasts .

May 26, 2009•20 min

Is There Value in Identifying Software Security "Never Events?"

Now may be the time to examine our responsibilities when developing software with known, preventable errors - along with some possible consequences. Listen on Apple Podcasts .

May 05, 2009•20 min

Cyber Security, Safety, and Ethics for the Net Generation

Capitalizing on the cultural norms of the Net Generation is essential when developing security awareness programs. Listen on Apple Podcasts .

Apr 14, 2009•20 min

An Experience-Based Maturity Model for Software Security

Observed practice, represented as a maturity model, can serve as a basis for developing more secure software. Listen on Apple Podcasts .

Mar 31, 2009•22 min

Mainstreaming Secure Coding Practices

Requiring secure coding practices when building or buying software can dramatically reduce vulnerabilities. Related Course Secure Coding in C and C++ Listen on Apple Podcasts .

Mar 17, 2009•20 min

Security: A Key Enabler of Business Innovation

Making security strategic to business innovation involves seven strategies and calculating risk-reward based on risk appetite. Related Courses Assessing Information Security Risk Using the OCTAVE Approach Introduction to the CERT Resiliency Engineering Framework Listen on Apple Podcasts .

Mar 03, 2009•24 min

Better Incident Response Through Scenario Based Training

Teams are better prepared to respond to incidents if realistic, hands-on training is part of their normal routine. Related Courses Advanced Incident Handling Advanced Information Security for Technical Staff Listen on Apple Podcasts .

Feb 17, 2009•23 min

An Alternative to Risk Management for Information and Software Security

Standard, compliance, and process are more effective than risk management for ensuring an adequate level of information and software security. Related Course Assessing Information Security Risk Using the OCTAVE Approach Listen on Apple Podcasts .

Feb 03, 2009•26 min

Tackling Tough Challenges: Insights from CERT’s Director Rich Pethia

Rich Pethia reflects on CERT's 20-year history and discusses how he is positioning the program to tackle future IT and security challenges. Listen on Apple Podcasts .

Jan 20, 2009•18 min

Climate Change: Implications for Information Technology and Security

Climate change requires new strategies for dealing with traditional IT and information security risks. Listen on Apple Podcasts .

Dec 09, 2008•24 min

Using High Fidelity, Online Training to Stay Sharp

Virtual training environments can deliver high quality content to security professionals on-demand, anywhere, anytime. Related Courses Managing Enterprise Information Security Information Security for Technical Staff Listen on Apple Podcasts .

Nov 25, 2008•27 min

Integrating Security Incident Response and e-Discovery

Responding to an e-discovery request involves many of the same steps and roles as responding to a security incident. Related Course Managing Computer Security Incident Response Teams Listen on Apple Podcasts .

Nov 11, 2008•26 min

Concrete Steps for Implementing an Information Security Program

A sustainable security program is based on business-aligned strategy, policy, awareness, implementation, monitoring, and remediation. Related Course Managing Enterprise Information Security: A Practical Approach for Achieving Defense-in-Depth Listen on Apple Podcasts .

Oct 28, 2008•21 min

← Prev Next →

Hosted on Libsyn

For the best experience, listen in Metacast app for iOS or Android