CIRI is an output-oriented research organization. Our work is grounded in sound academic research but with the ultimate goal of developing products that will positively impact the security and resilience of our nation’s critical infrastructure. As a result, our research portfolio has been strategically cultivated to include a range of projects that will have tangible impact on the way that businesses and infrastructure owners and operators manage their assets. We are equally committed to providing resources that help policymakers and regulators approach the issue of infrastructure resilience.
The Business Resilience Calculator is a software tool that helps businesses assess where they currently stand and assists users in building a cost-effective strategy to cope with disruptions. The BRC is based on resilience strategies learned from sound economic analysis of past disasters and enables users to customize inputs for a specific business.
ConText implements basic natural language processing (NLP) techniques as well as innovations and insights from this project to enable users to extract entities and relations from texts in an HADR context. The project has prepared training materials to assist project stakeholders as they review the final product, and end-users).
The CyberTalent Bridge is directed at mid- and large-sized businesses that desire to optimize their cybersecurity workforce in order to enhance their organization’s cybersecurity posture. This tool will be particularly useful to businesses that are required to implement cybersecurity standards such as the NIST CSF and DoD CMMC.
The Dashboard provides a step-by-step process to implement the NIST SP 800-171 cybersecurity controls in the context of the government standard NIST Cyber Security Framework. Use the Dashboard to comply with the DFARS while implementing the NIST CSF risk management process.
The Cyber Risk Scoring and Mitigation (CRISM) tool employs advanced threat assessment techniques to identify and measure the security vulnerabilities of your company’s cloud IT infrastructure. The tool provides a visual representation of your overall cybersecurity posture and provides recommendations for mitigating risks, allowing you to focus and prioritize your protective measures.
The Cyber Insurance Portfolio Analysis of Risk (CIPAR) is a web-based cyber risk analysis tool. It gives companies from all market segments an easy way to estimate their exposure to cyber risk. It aims to help cyber insurance carriers manage portfolio risk more efficiently and improve product pricing. The Cyber Insurance Portfolio Analysis of Risk (CIPAR) is a web-based cyber risk analysis tool. It gives companies from all market segments an easy way to estimate their exposure to cyber risk. It aims to help cyber insurance carriers manage portfolio risk more efficiently and improve product pricing.
Formal verification and analytic tools are becoming critical to building systems with significantly higher security and safety assurance. The Cybersecurity Assurance Tool boasts a set of formal methods for determining whether critical infrastructure systems are protected from cyber-threats that arise out of implicit interactions.
By 2020, the number of 4G LTE connections is expected to reach 2.8 billion, due to higher communications capabilities and a growing appetite for online services and resources. CIRI is creating a new methodology that would help make 4G LTE networks—which are embedded in the daily operation of everything from healthcare to transportation—more secure and reliable. As a result, we have developed new software that can be leveraged by mobile telecommunications network providers and device developers.
The Port Disruption Tool enables port operators to better understand the interdependencies of the port’s systems, to conduct what-if scenarios that outline the impacts of potential disruptions, and to develop effective strategies for responding to those scenarios.”
As infrastructure systems become increasingly connected, it is critical to be able to capture the varying dependencies and interdependencies that exist across networks to perform comprehensive assessments of infrastructure risk. PRIISM enables varying infrastructure interdependencies to be captured, and probabilistic analyses of system performance to be run to assess infrastructure performance under varying threat, hazard, and retrofit scenarios.
This tool includes a NIST CSF Profile standard for PSAPs and recommend cybersecurity best practices based on NIST controls specific to Emergency Services. The standard was recommended based on the results of a cyber vulnerability and gaps assessment of the PSAP/911 architecture using available documents and interviews with PSAP operators.
If you would like to learn about our research projects and their affiliated tools, subscribe to our mailing list.