Security Standards and Resources

Industry and Higher Education Security Standards and Related Resources

  • Center for Internet Security (CIS): Establishes and promotes the use of consensus-based configuration benchmarks, audit tools and security metrics.
    Note: All UC employees are eligible for membership.
  • CERT: United States Computer Emergency Readiness Team. "US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public."
  • Educause/Internet2 Information Security Guide: "Practical approaches to preventing, detecting, and responding to security problems in a wide range of higher education environments."
  • SANS: SysAdmin, Audit, Network, Security. "... develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center."
  • Georgia Tech Information Security Center. "Vision: Effective information security in the context of real-world problems will only be achieved through user-centered approaches that integrate technology research and policy research."
  • NIST Special Publications: National Institute of Standards and Technology (NIST) Computer Security Resource Center Special Publications. "Special Publications in the 800 series present documents of general interest to the computer security community."
  • OWASP: The Open Web Application Security Project. "The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software." OWASP "cheat sheets"
  • Payment Card Industry (PCI) Data Security Standard (DSS): Requirements for any business that stores, processes or transmits payment cardholder data.
  • REN-ISAC: Research and Education Networking Information Sharing and Analysis Center. "The REN-ISAC mission is to aid and promote cyber security operational protection and response within the higher education and research (R&E) communities."

Data Breach Compilations

Security Trends

Note: Registration is required to download some reports.

Cyber Security News

Rev. Apr 2016