A tartalmat a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!
Lépjen offline állapotba az Player FM alkalmazással!
Podcastok, amelyeket érdemes meghallgatni
SZPONZORÁLT
On this episode of Advances in Care , host Erin Welsh and Dr. Craig Smith, Chair of the Department of Surgery and Surgeon-in-Chief at NewYork-Presbyterian and Columbia discuss the highlights of Dr. Smith’s 40+ year career as a cardiac surgeon and how the culture of Columbia has been a catalyst for innovation in cardiac care. Dr. Smith describes the excitement of helping to pioneer the institution’s heart transplant program in the 1980s, when it was just one of only three hospitals in the country practicing heart transplantation. Dr. Smith also explains how a unique collaboration with Columbia’s cardiology team led to the first of several groundbreaking trials, called PARTNER (Placement of AoRTic TraNscatheteR Valve), which paved the way for a monumental treatment for aortic stenosis — the most common heart valve disease that is lethal if left untreated. During the trial, Dr. Smith worked closely with Dr. Martin B. Leon, Professor of Medicine at Columbia University Irving Medical Center and Chief Innovation Officer and the Director of the Cardiovascular Data Science Center for the Division of Cardiology. Their findings elevated TAVR, or transcatheter aortic valve replacement, to eventually become the gold-standard for aortic stenosis patients at all levels of illness severity and surgical risk. Today, an experienced team of specialists at Columbia treat TAVR patients with a combination of advancements including advanced replacement valve materials, three-dimensional and ECG imaging, and a personalized approach to cardiac care. Finally, Dr. Smith shares his thoughts on new frontiers of cardiac surgery, like the challenge of repairing the mitral and tricuspid valves, and the promising application of robotic surgery for complex, high-risk operations. He reflects on life after he retires from operating, and shares his observations of how NewYork-Presbyterian and Columbia have evolved in the decades since he began his residency. For more information visit nyp.org/Advances…
Software Engineering Institute (SEI) Webcast Series
Mind megjelölése nem lejátszottként
Manage series 1264075
A tartalmat a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Series is produced by SEI Communications Outreach.
…
continue reading
157 epizódok
Mind megjelölése nem lejátszottként
Manage series 1264075
A tartalmat a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carnegie Mellon University Software Engineering Institute and SEI Members of Technical Staff vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Series is produced by SEI Communications Outreach.
…
continue reading
157 epizódok
Minden epizód
×Surviving disruptive cyber events requires a specific form of planning. One must strike a balance between defending against threats (e.g., managing conditions) and effectively handling the effects of disruption (e.g., managing consequences). Employing a model (such as the CERT Resilience Management Model) provides a catalog of practices and a system of measurement. Focusing on key attributes of performance permits a level of prediction not possible with a basic checklist. In this webcast, Greg Crabbe and Matt Butkovic share their experiences in establishing and maintaining operational resilience programs. What Attendees Will Learn: • how to link mission outcome with asset resilience • how managing for security differs from managing for resilience • how to apply a capability maturity model to the challenge • how to begin analyzing requirements and constructing an operational resilience management program…
Chief Information Security Officers (CISOs) perpetually navigate a dynamic set of challenges. Applying focus and aligning resources is imperative for success. In this Intersect, Matthew Butkovic and Gregory Touhill, reflect on 2024 and explore the topics that should be front of mind for CISOs in 2025. They provide insights and advice for those contemplating cybersecurity priorities.…
No organization can comprehensively avoid disruptive cyber events. All must strive to maintain operational resilience during times of organizational stress. Ransomware incidents create disruption that can be fatal to the unprepared. In this webcast, we explore how to maintain operational resilience during a ransomware incident. Experts with varied backgrounds provide practical advice for improving your resilience and survivability. What attendees will learn: • best practices for ransomware response • moving beyond security and planning for resilience • pitfalls to avoid in the planning and response processes…
As the strategic importance of AI increases, so too does the importance of defending those AI systems. To understand AI defense, it is necessary to understand AI offense—that is, counter AI. In this session, Matthew Butkovic, CISA, CISSP, technical director for risk and resilience, and Nathan VanHoudnos, senior machine learning researcher explore the fundamentals of counter AI.…
Health-care organizations are seemingly besieged by a complex set of cyber threats. The consequences of disruptive cyber events in health care are in many ways uniquely troubling. Health-care organizations often face these challenges with modest resources. In this webcast, Matthew Butkovic and Darrell Keeling will explore approaches to maximize return on cybersecurity investment in the health-care context. This will include applying fundamental measures of operational resilience. What Attendees Will Learn: How to yield maximum return on cybersecurity investment in health care How to shift thinking from cybersecurity to operational resilience How to employ free or low-cost cybersecurity resources in the health-care context…
![Artwork](/static/images/128pixel.png)
1 Independent Verification and Validation for Agile Projects 1:02:23
1:02:23
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:02:23![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Traditionally, independent verification and validation (IV&V) is performed by an independent team throughout a program’s milestones or once the software is formally delivered. This approach allows the IV&V team to provide input at the various milestone gates. As more programs move to an Agile approach, those milestones aren’t as clearly defined since requirements, design, implementation, and testing all happen iteratively, sometimes over years of development. In this new paradigm, IV&V teams are struggling to figure out how to add value to the program earlier in the lifecycle by getting in phase with development. This webcast will highlight a novel approach to providing IV&V for projects using an Agile or iterative software development. What Attendees Will Learn: What adopting an Agile mindset for IV&V could look like How focusing on capabilities and using a risk-based perspective could help drive planning for your team Techniques to help the IV&V team get more in phase with the developer while remaining independent…
![Artwork](/static/images/128pixel.png)
1 Generative AI and Software Engineering Education 1:02:05
1:02:05
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:02:05![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Within a very short amount of time, the productivity and creativity improvements envisioned by generative artificial intelligence (AI), such as using tools based on large language models (LLMs), have taken the software engineering community by storm. The industry is in a race to develop your next best software development tool. Organizations are perplexed by trying to find the right balance between staying ahead in the race and protecting their data and systems from potential risks presented by using generative AI as part of their software development tool chain. There are haters, evangelists, and everything in between. Software engineering education and educators have a special role. No matter how they perceive the opportunities and challenges of generative AI approaches, software engineering educators are going through a watershed moment that will change how they educate the next generation of software engineers. In this webcast, three experts in software engineering will discuss how generative AI is influencing software engineering education and how to balance key skills development with incorporating generative AI into software engineering curricula. What Attendees Will Learn: • how software engineering education is challenged by the increasing popularity of generative AI tools • how software engineering educators can take advantage of generative AI tools • what fundamental skills will be critical to teach to software engineering students in the era of generative AI…
Traditionally, cybersecurity has focused on finding and removing vulnerabilities. This is like driving backward down the highway using your rearview mirror. Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this webcast, Tim Chick discusses how security is an integral aspect of the entire software lifecycle as a result of following deliberate engineering practices focused on reducing security risks through the use of software assurance techniques. What Attendees Will Learn: • The importance of cybersecurity and examples of when security has failed • Qualities to look at when evaluating third-party software • The relationship between quality and security • Engineering techniques used throughout the development lifecycle to reduce cyber risks…
Modern analytic methods, including artificial intelligence (AI) and machine learning (ML) classifiers, depend on correlations; however, such approaches fail to account for confounding in the data, which prevents accurate modeling of cause and effect and often leads to prediction bias. The Software Engineering Institute (SEI) has developed a new AI Robustness (AIR) tool that allows users to gauge AI and ML classifier performance with unprecedented confidence. This project is sponsored by the Office of the Under Secretary of Defense for Research and Engineering to transition use of our AIR tool to AI users across the Department of Defense. During the webcast, the research team will hold a panel discussion on the AIR tool and discuss opportunities for collaboration. Our team efforts focus strongly on transition and provide guidance, training, and software that put our transition collaborators on a path to successful adoption of this technology to meet their AI/ML evaluation needs. What Attendees Will Learn: • How AIR adds analytical capability that didn’t previously exist, enabling an analysis to characterize and measure the overall accuracy of the AI as the underlying environment changes • Examples of the AIR process and results from causal discovery to causal identification to causal inference • Opportunities for partnership and collaboration…
![Artwork](/static/images/128pixel.png)
1 Using a Scenario to Reason About Implementing a Zero Trust Strategy 1:02:22
1:02:22
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:02:22![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
There is a lot of documentation about a zero trust architecture, as well as directives that it be used for U.S. federal agencies and the Department of Defense (DoD), but little information on how to go about implementing it to improve an organization’s enterprise or DoD weapon system security. Use cases typically describe requirements for these systems, but they do not provide the contextual awareness that organizations need to help them create a prioritized roadmap to implement zero trust. In this webcast, Tim Morrow, Rhonda Brown, and Elias Miller discuss an approach that organizations can use to help develop the contextual awareness needed to apply a zero trust strategy. What Attendees Will Learn: Overview of a zero trust strategy Roadmap focusing on zero trust for the DoD Engineering approach for mission/workflow Use of a scenario to help reason about zero trust considerations Awareness of an upcoming SEI Zero Trust Industry Day event…
According to the Verizon Data Breach Report , Log4j-related exploits have occurred less frequently over the past year. However, this Common Vulnerabilities and Exposures (CVE) flaw was originally documented in 2021. The threat still exists despite increased awareness. Over the past few years, the Software Engineering Institute (SEI) has developed guidance and practices to help organizations reduce threats to U.S. supply chains. In this webcast, Brett Tucker and Matthew Butkovic, answer your enterprise risk management questions to help your organization achieve operational resilience in the cyber supply chain. What attendees will learn: Enterprise risk governance and how to assess organization’s risk appetite and policy as it relates to and integrates cyber risks into a global risk portfolio Regulatory directives on third-party risk The agenda and topics to be covered in the upcoming CERT Cyber Supply Chain Risk Management Symposium in February…
![Artwork](/static/images/128pixel.png)
1 The Future of Software Engineering and Acquisition with Generative AI 1:32:10
1:32:10
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:32:10![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
We stand at a pivotal moment in software engineering, with artificial intelligence (AI) playing a crucial role in driving approaches poised to enhance software acquisition, analysis, verification, and automation. While generative AI tools initially sparked excitement for their potential to reduce errors, scale changes effortlessly, and drive innovation, concerns have emerged. These concerns encompass security risks, unforeseen failures, and issues of trust. Empirical research on generative AI development assistants reveals that productivity and quality gains depend not only on the sophistication of tools but also on task flow redesign and expert judgment. In this webcast, Software Engineering Institute (SEI) researchers will explore the future of software engineering and acquisition using generative AI technologies. They’ll examine current applications, envision future possibilities, identify research gaps, and discuss the critical skill sets that software engineers and stakeholders need to effectively and responsibly harness generative AI’s potential. Fostering a deeper understanding of AI’s role in software engineering and acquisition accentuates its potential and mitigates its risks. What Attendees Will Learn • how to identify suitable use cases when starting out with generative AI technology • the practical applications of generative AI in software engineering and acquisition • how developers and decision makers can harness generative AI technology…
Compliance standards, privileged access management, software bills of materials (SBOMs), maturity models, cloud services, vulnerability management, etc. The list of potential solutions to supply chain risk management (SCRM) challenges seems unending as much as it is daunting to address. In this webcast, Brett Tucker explores some of these solutions. More importantly, he renews an emphasis on using robust enterprise risk management to achieve operational resilience in the cyber supply chain. What attendees will learn A means of decomposing strategic objectives and critical services into high-value assets that point to prioritization of limited risk response resources Enterprise risk governance, appetite, and policy as they relate to and integrate cyber risks into a global risk portfolio The application and impacts of Cybersecurity Maturity Model Certification (CMMC) and other regulatory directives on third-party risk A kick-off announcement about the SEI CERT Supply Chain Risk Management Symposium to be held in February 2024…
![Artwork](/static/images/128pixel.png)
1 Ask Us Anything: Generative AI Edition 1:30:37
1:30:37
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:30:37![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Generative AI (GenAI) has been around for decades, but the latest leap in progress, fueled by high-capability large language models (LLMs), image and video generators, and AI pair programmers, has captivated audiences across a variety of disciplines. What can GenAI do well? What are the risks and opportunities of using GenAI? SEI experts Doug Schmidt, Rachel Dzombak, Jasmine Ratchford, Matt Walsh, John Robert and Shing-hon Lau conducted a live question-and-answer session driven by the audience. Here’s what attendees will learn: The risks and rewards of generative AI The future of LLMs SEI research in this area…
![Artwork](/static/images/128pixel.png)
1 Evaluating Trustworthiness of AI Systems 1:02:08
1:02:08
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:02:08![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
AI system trustworthiness is dependent on end users’ confidence in the system’s ability to augment their needs. This confidence is gained through evidence of the system’s capabilities. Trustworthy systems are designed with an understanding of the context of use and careful attention to end-user needs. In this webcast, SEI researchers discuss how to evaluate trustworthiness of AI systems given their dynamic nature and the challenges of managing ongoing responsibility for maintaining trustworthiness. What attendees will learn: Basic understanding of what makes AI systems trustworthy How to evaluate system outputs and confidence How to evaluate trustworthiness to end users (and affected people/communities)…
Üdvözlünk a Player FM-nél!
A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.