Cyber Hygiene: Why the Fundamentals Matter

Software Engineering Institute at Carnegie Mellon University

Wednesday, October 16, 2019 from 2:00 PM to 3:00 PM (EDT)


Event Details

About the Webcast


In this webcast, as a part of National Cybersecurity Awareness Month, our experts will provide an overview of the concept of cyber hygiene, which bears an analogy to the concept of hygiene in the medical profession. Like the practice of washing hands to prevent infections, cyber hygiene addresses simple sets of actions that users can take to help reduce cybersecurity risks. Matt Butkovic, Randy Trzeciak, and Matt Trevors will discuss what some of those practices are, such as implementing password security protocols and determining which other practices an organization should implement. Finally, they will discuss the special case of phishing—which is a form of attack that can bypass technical safeguards and exploit people’s weaknesses—and how changes in behavior, understanding, and technology might address this issue.


Good cyber hygiene is important because an organization's threat landscape changes daily, and new variants of attacks on computer systems appear by the hour. The sheer number of security vulnerabilities in hardware, software, and underlying protocols—and in the dynamic threat environment—makes it nearly impossible for most organizations to keep pace.


Threats aren't only technological, either. Hackers and other bad actors are adept at social engineering to gain access to systems and the information they house. Social engineering attacks can be a sophisticated phishing campaign, a sob story delivered to a customer service representative over the phone, or even an individual on-site claiming to be fixing the HVAC but actually planting a wireless-enabled device. The IT department alone can't mitigate social engineering attacks. It's a responsibility shared by everyone, from the C-suite to the most junior staff members, and you might never get all personnel on board.


At the CERT® Division of the SEI, our approach to cyber hygiene involves identifying the commonalities among these cyber practices and aligning them with the resilience management practices in the CERT Resilience Management Model (CERT-RMM). Resilience management is the application of the methodologies of the CERT-RMM, which is a capability-focused maturity model. Resilience management can be expressed in terms of establishing organization-appropriate levels of protection and sustainment capabilities.


What Attendees Will Learn:


  • Key findings from the CERT Division of the SEI, and the CERT-RMM team, in identifying commonalities among cyber practices and aligning them to CERT-RMM practices
  • The CERT Division’s 11 cyber hygiene areas, comprising 41 CERT-RMM practices that are paramount to every organization’s success
  • What organizations can do to change behavior, understanding, and technology to implement good cyber hygiene 

Who Should Attend


  • CISOs and Information Security Professionals
  • Individuals from organizational units such as Information Technology and Information Security who play a key role in establishing and improving organization-appropriate levels of protection and sustainment capabilities


About the Speakers


Matthew Butkovic is the Technical Director (Acting) – Cyber Risk and Resilience Assurance in the CERT Division of the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU). Butkovic performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the challenges of complex supply chains. Butkovic teaches graduate-level cybersecurity policy courses at the CMU Heinz College. He is also an instructor, focused on organizational resilience and supply chain risk management, for the CMU Heinz School CISO and CRO Executive Certificate Programs.


Randy Trzeciak is the Director of the CERT National Insider Threat Center. The team’s mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and conducting information security assessments; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. Randy is the Director of the Master’s of Science in Information Security Policy & Management Program in the Heinz College at Carnegie Mellon University.


Matt Trevors is a Technical Manager for Carnegie Mellon's Software Engineering Institute. Matt has more than 20 years of experience in information technology, information security, and secure software development strategies. Matt obtained his Master's in Computer Information Systems from Boston University and his Bachelor's in Computer Science from the University of New Brunswick. Matt also holds the CISM, CISSP, CISSP-ISSAP, and CCSP professional credentials.

Software Engineering Institute at Carnegie Mellon University

The SEI is a not-for-profit federally funded research and development center (FFRDC) at Carnegie Mellon University specifically established by the Department of Defense to focus on software and cybersecurity. We help government and industry organizations develop software-reliant systems that are more affordable and more agile, more reliable, and more secure. We provide immediate and long-term integrated solutions via the strength of our workforce and focused research. The SEI is positioned to enhance impact, integration, and agility.
