In this podcast, Dr. Richard Young, a professor with Carnegie Mellon’s Tepper School of Business, teams with Sam Perl, a member of the CERT Division’s Enterprise Threat and Vulnerability Management team, to discuss their research on how expert cybersecurity incident handlers think, learn, and act when faced with an incident.
The research study focuses on critical cognitive factors that such experts use to make decisions when faced with a complex incident, including how to deal with critical information that is missing. Study results may be used to enhance the knowledge and skills of less experienced responders.
Categories: Incident Management
Samuel J. Perl is a member of the CSIRT (Computer Security Incident Response Team) development team within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has been with CERT since 2011 and has worked in a variety of areas, including insider threat, vulnerability assessment, security incident data analysis, and incident management team development. Prior to joining CERT, Perl gained over 10 years of industry experience working with client organizations to manage their most challenging IT security risk issues. Perl holds a Master of Science degree in Information Security Management and a Bachelor of Science in Information Systems from Carnegie Mellon University.
Richard O. Young is Teaching Professor of Management Communication at the Tepper School of Business, Carnegie Mellon University in Pittsburgh, PA. He received his Ph.D. in Rhetoric from Carnegie Mellon in 1989 with a dissertation on the cognitive processes of expert and novice management consultants and their clients. Young is a regular presenter at national conferences on business communication. He is also the author of How Audiences Decide: A Cognitive Approach to Business Communication (2011). His current research focus is cybersecurity expertise and the shared mental models of cybersecurity teams.