Authority to Operate (ATO) is a process that certifies a system to operate for a certain period of time by evaluating the risk of the system's security controls. ATO is based on the National Institute of Standards and Technology’s Risk Management Framework (NIST 800-37). In this podcast, Shane Ficorilli and Hasan Yasar, both with the Carnegie Mellon University Software Engineering Institute, discuss continuous ATO, including challenges, the role of DevSecOps, and cultural issues that organizations must address.
The Future of Cyber: Educating the Cybersecurity Workforce
Documenting Process for CMMC
Agile Cybersecurity
CMMC Levels 1-3: Going Beyond NIST SP-171
The Future of Cyber: Secure Coding
Challenges to Implementing DevOps in Highly Regulated Environments
The Future of Cyber: Cybercrime
An Ethical AI Framework
My Story in Computing: Madison Quinn Oliver
The CERT Guide to Coordinated Vulnerability Disclosure
Women in Software and Cybersecurity: Dr. April Galyardt
The Future of Cyber: Security and Privacy
The Future of Cyber: Security and Resilience
Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools
Women in Software and Cybersecurity: Dr. Carol Woody
Benchmarking Organizational Incident Management Practices
Machine Learning in Cybersecurity: 7 Questions for Decision Makers
Women in Software and Cybersecurity: Kristi Roth
Human Factors in Software Engineering
Women in Software and Cybersecurity: Anita Carleton
Create your
podcast in
minutes
It is Free