Educause Security Discussion mailing list archives
Re: Resources - NIST, Cyber Law, Benchmarking
From: Tom Steuver <steuver () EXCHANGE NKU EDU>
Date: Mon, 28 Oct 2002 07:57:07 -0500
The URL for the Center for Internet Security is http://www.cisecurity.org <http://www.cisecurity.org> . Tom Steuver --------------------------------------------------------------------- Thomas Steuver Manager of Network Systems/Security Coordinator steuver () nku edu Information Technology 859-572-5299 Northern Kentucky University --------------------------------------------------------------------- -----Original Message----- From: Tracey Losco [mailto:tracey.losco () NYU EDU] Sent: Thursday, October 24, 2002 12:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Resources - NIST, Cyber Law, Benchmarking Hello Krizi, These look like very useful resources. The Center for Internet Security also has a number of benchmarks available that you might find useful. Take a look at: http://www.cis.org We are currently working with them in developing an Oracle benchmark and they are in the process of developing benchmarks for SQL and AIX. Hope you find this useful, Tracey -------------------------------------------------------------------- Tracey Losco Network Security Analyst security () nyu edu ITS - Network Services http://www.nyu.edu/its/security New York University (212) 998 - 3433 PGP Fingerprint: 8FFB FE47 6156 7BF0 B19E 462B 9DFE 51F5 At 11:33 AM -0400 10/24/02, Krizi Trivisani wrote: Hello, I have received several emails and phone calls regarding NIST, Cyber Laws, and security benchmarking so I thought I'd share a couple of resources. I hope you find them helpful. Link to NIST's Security Assessment Framework http://csrc.nist.gov/organizations/guidance/framework-final.pdf <http://csrc.nist.gov/organizations/guidance/framework-final.pdf> Training - Understanding Cyber Crime - a one day class that I found very helpful in obtaining a better grasp of the laws that impact security and how you design your incident response program. I attached a more detailed copy of what the class covers. Contact Steve Surdu, Foundstone, 202-756-1338 steve.surdu () foundstone com if you would like more information. Benchmarking The Humanfirewall Council offers two FREE tools that allow you to benchmark security awareness and security management practices. A good way to find out where you are today and in a year from now allows you to find out how much progress you have made. If enough Universities participate in the benchmark surveys, we can find out where higher education stands as a whole regarding security. The link is: http://www.humanfirewall.org/ <http://www.humanfirewall.org/> Regards, Krizi ******************************* Krizi Trivisani, CISSP Chief Security Officer The George Washington University 202/994-7803 krizi () gwu edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. Attachment converted: My_Covert_Stuff:Understanding_Cyber_Crime_Class (WDBN/MSWD) (00009ABF) ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Resources - NIST, Cyber Law, Benchmarking Krizi Trivisani (Oct 24)
- <Possible follow-ups>
- Re: Resources - NIST, Cyber Law, Benchmarking Tracey Losco (Oct 24)
- Re: Resources - NIST, Cyber Law, Benchmarking Tom Steuver (Oct 28)
- Re: Resources - NIST, Cyber Law, Benchmarking Tracey Losco (Oct 28)