Not all paths to cybersecurity careers look the same. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Randy Trzeciak, deputy director of cyber risk and resilience in the SEI’s CERT division, discusses his career journey, resources for pursuing a career in cybersecurity, and the importance of building a diverse workforce.

Sam Procter started out studying computer science at the University of Nebraska, but he didn’t love it. It wasn’t until he took his first software engineering course that he knew he’d found his career path. In this podcast from the Carnegie Mellon University Software Engineering Institute, Sam Procter discusses the early influences that shaped his career, the importance of embracing different types of diversity in his research and work, and the value of a work-life balance.

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Ware, a senior cybersecurity engineer in the SEI’s CERT Division, discusses her career path, the value of mentorship, and the importance of diversity in cybersecurity.

In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Suzanne Miller, a principal researcher in the SEI’s Software Solutions Division, discusses her career path, the value of mentorship, and the importance of diversity in software engineering.

Across the globe, women account for less than 30 percent of professionals in technical fields. That number drops to 22 percent in the field of Artificial Intelligence (AI). In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Violet Turri, a software developer in the SEI’s AI Division, discusses the evolution of her career in AI and the importance of diversity in the field.

At the request of the White House, the Office of the Director of National Intelligence (ODNI) began exploring use cases for large language models (LLMs) within the Intelligence Community (IC). As part of this effort, ODNI sponsored the Mayflower Project at Carnegie Mellon University’s Software Engineering Institute (SEI) from May 2023 through September 2023. The Mayflower Project attempted to answer the following questions:

1. How might the IC set up a baseline, stand-alone LLM?
2. How might the IC customize LLMs for specific intelligence use cases?
3. How might the IC evaluate the trustworthiness of LLMs across use cases?

In this SEI Podcast, Shannon Gallagher, AI engineering team lead, and Rachel Dzombak, special advisor to the director of the SEI’s AI Division, discuss the findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use cases.

Modern software engineering practices of Agile and DevSecOps have provided a foundation for producing working software products faster and more reliably than ever before. Far too often, however, these practices do not address the non-software concerns of business mission and capability delivery even though these concerns are critical to the successful delivery of a software product. Through our work with government organizations, we have found that expanding DevSecOps beyond product development enables other teams to increase their capabilities and improve their processes. Agile methodologies are also being used for complex system and hardware developments. In this podcast from the Carnegie Mellon University Software Engineering Institute, Lyndsi Hughes, a senior systems engineer and David Sweeney, an associate software developer, both with the SEI CERT Division, share their experiences leveraging DevSecOps pipelines in atypical situations in support of teams focused on the capability delivery and business mission for their organizations.