Educause Security Discussion mailing list archives

Re: Resources - NIST, Cyber Law, Benchmarking

From: Tracey Losco <tracey.losco () NYU EDU>
Date: Thu, 24 Oct 2002 12:11:22 -0400

Hello Krizi,

These look like very useful resources.  The Center for Internet
Security also has a number of benchmarks available that you might
find useful.  Take a look at:

http://www.cis.org

We are currently working with them in developing an Oracle benchmark
and they are in the process of developing benchmarks for SQL and AIX.

Hope you find this useful,

Tracey

--------------------------------------------------------------------
Tracey Losco
Network Security Analyst                security () nyu edu
ITS - Network Services                  http://www.nyu.edu/its/security
New York University                     (212) 998 - 3433

PGP Fingerprint: 8FFB FE47 6156 7BF0  B19E 462B 9DFE 51F5



At 11:33 AM -0400 10/24/02, Krizi Trivisani wrote:

Hello,

I have received several emails and phone calls regarding NIST, Cyber
Laws, and security benchmarking so I thought I'd share a couple of
resources.  I hope you find them helpful.

Link to NIST's Security Assessment Framework
<http://csrc.nist.gov/organizations/guidance/framework-final.pdf>http://csrc.nist.gov/organizations/guidance/framework-final.pdf

Training - Understanding Cyber Crime - a one day class that I found
very helpful in obtaining a better grasp of the laws that impact
security and how you design your incident response program.  I
attached a more detailed copy of what the class covers.  Contact
Steve Surdu, Foundstone, 202-756-1338 steve.surdu () foundstone com if
you would like more information.

Benchmarking
The Humanfirewall Council offers two FREE tools that allow you to
benchmark security awareness and security management practices.  A
good way to find out where you are today and in a year from now
allows you to find out how much progress you have made.  If enough
Universities participate in the benchmark surveys, we can find out
where higher education stands as a whole regarding security.  The
link is:
<http://www.humanfirewall.org/>http://www.humanfirewall.org/

Regards,
Krizi

*******************************
Krizi Trivisani, CISSP
Chief Security Officer
The George Washington University
202/994-7803
krizi () gwu edu





  ********** Participation and subscription information for this
EDUCAUSE Discussion Group discussion list can be found at
http://www.educause.edu/memdir/cg/.

Attachment converted:
My_Covert_Stuff:Understanding_Cyber_Crime_Class (WDBN/MSWD)
(00009ABF)


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.

Current thread:

Resources - NIST, Cyber Law, Benchmarking Krizi Trivisani (Oct 24)
- <Possible follow-ups>
- Re: Resources - NIST, Cyber Law, Benchmarking Tracey Losco (Oct 24)
- Re: Resources - NIST, Cyber Law, Benchmarking Tom Steuver (Oct 28)
- Re: Resources - NIST, Cyber Law, Benchmarking Tracey Losco (Oct 28)