The Essential List of IT Security Resources for Businesses Large and Small

By on Nov 2, 2013 in Blog

We’ve put together a massive reading list for businesses interested in learning more about US government initiatives, various cybersecurity organizations, and industry best practices related to computer and information security.

So let’s start off with some organizations that you should know about:

The Internet Security Alliance

This site contains numerous reports, frameworks, and models regarding various operational security and risk management topics. The ISA is essentially a multi-sector trade organization that combines thought leadership, research, and advocacy into one powerful force for security. Publications are available for free, and benefits from substantial participation with a wide variety of industries.

Securing our eCity Foundation

A San Diego based foundation that helps educate people and businesses about cyber security best practices. There are some online resources available, though you may find this group more valuable for their events and security awareness programs. If you are a tech company based in the Silicon Valley area (like us) – this is an organization that you really want to know about.

Stop Badware

A non-profit organization that has some interesting reports available about the state of “badware” trends i.e. viruses, malware, and spyware etc. You can also report malicious websites through their service.

United States Computer Emergency Readiness Team

Part of the Department of Homeland Security. This website contains numerous publications and related resources to help prepare and educate businesses about a wide variety of security issues and topics. You can also subscribe to various security alerts and tips to keep you appraised of the latest security threats.

Other interesting reading, and free resources:

The following links lead to a wealth of information about various security topics, and have been put together by a variety of US government agencies tasked with protecting the nation. Cybersecurity in general is being treated with ever higher priority as time passes and the threat landscape grows more sophisticated – ergo US-based businesses should be fully aware of what the US government is doing to tackle these issues.

Information about US government cybersecurity initiatives

Cybersecurity best practices and guidelines

Security Vulnerability Databases

Note that while these databases are co-sponsored by the US government – they can be used by, and are applicable to all countries i.e. information is free for public use. These databases will help you identify any security vulnerability known to exist, while OVAL offers a standardized language for defining vulnerabilities.

Information Sharing and Analysis Centers

ISACs are organizations that are meant to aid certain key industry sectors to easily share and coordinate security and vulnerability concerns in order to protect critical infrastructures and minimize risks.

Post a Reply