|
Robin Ruefle is a senior member of the technical staff of the CERT Program at the Software Engineering Institute at Carnegie Mellon University. She is the team lead for the CERT® CSIRT Development and Training (CDT) team. Her focus is on the development of management, procedural, and technical guidelines and practices for the establishment, maturation, operation, and evaluation of Computer Security Incident Response Teams (CSIRTs) and incident management capabilities worldwide. As a member of the CDT, Ruefle has worked with numerous organizations to assist them in the planning and implementation of their incident management capability.
Ruefle also develops and delivers sessions in the suite of courses offered to CSIRT managers and incident handling staff and has co-authored a variety of publications including Handbook for CSIRTs 2nd Edition, Organizational Models for CSIRTs Handbook, CSIRT Services List, State of the Practice of CSIRTs, Defining Incident Management Processes for CSIRTs: A Work in Progress, The Role of Computer Security Incident Response Teams in the Software Development Life Cycle, as well as numerous other articles and best practice guides. She has co-developed two instruments for evaluation of incident management capabilities: the Incident Management Capability Metrics and the Incident Management Mission Diagnostic (including U.S. Federal versions of both). Current work includes applying lessons learned from the incident management area to the handling of incidents perpetrated by insiders, including development of guidance and best practices for building an Insider Threat Mitigation Program. Other new work includes the development of an incident management body of knowledge and a competency framework for training incident handlers.
Ruefle received a BS in political science and an MPIA (Master of Public and International Affairs) from the University of Pittsburgh. She has also taught courses in information technology, management information systems, and information retrieval and analysis as an adjunct faculty member in the both the Continuing Education and MBA programs at Chatham College and in the Graduate School of Public and International Affairs (GSPIA) at the University of Pittsburgh.
Gorazd Bozic is the Head of the Slovenian national CERT (SI-CERT) which was established in 1995. Between 2000 and 2008 Gorazd was the Chairman of the European CERT group TF-CSIRT, which brings together all known CERTs in the wider European region. Gorazd is also a member of the Management Board of ENISA, the European Network and Information Security Agency.