Citadel Information Group, Inc.
The Library
For the CEO (Reprints from "Continuity Insights")
  Business Risk from Cyber-Criminals: Eight Things You Need to Do (Jan-Feb, 2003)
  CEO and Critical Information Asset Security (May-Jun 2003)
  Questions Every CEO Must Ask About Information Security (Jul-Aug 2003)
  Effectively Managing Risk to Critical Information Assets (Sept-Oct 2003)
  The Dark Side of the Information Age (Nov-Dec, 2003)
  An Emerging Information Security Standard of Due Care (Jan-Feb 2004)
  Minimizing Information Security Gaps in IT Management (Mar-Apr 2004)
  Managing Information Security White Space, May-Jun 2004
  The Information Security Risk and Vulnerability Assessment, Jul-Aug 2004
  The Role of the Information Security Assessment in a Financial Audit, Sep-Oct 2004
Information Security Governance
  Information Security Governance, National Cybersecurity Partnership, 2004
  Securing Cyberspace - Business Roundtable's Framework for the Future, 2004
Information Security Statutes, Regulations, and Emerging Case Law
Citadel Information Group Papers and Presentations
  Beyond Awareness Training, It's Time to Change the Culture, Information Security Management Handbook, 6th Edition
  Overview of ISO 17799 (Code of Practice for Information Security Management, ISO/IEC 17799, 2000)
  An Information Security Executive Primer: Defending Critical Information Assets From Cyber-Criminals
  Protecting Critical Information Assets: Countermeasure Systems for Information Protection
  Information Security Self-Assessment Management Checklist
  Information Security Policies: An Overview
Select Information Security Surveys, Reports, and Guidelines
  2005 CSI/FBI Computer Crime and Security Survey
  2004 CSI/FBI Computer Crime and Security Survey
  2003 CSI/FBI Computer Crime and Security Survey
  2002 CSI/FBI Computer Crime and Security Survey
  2001 CSI/FBI Computer Crime and Security Survey
  Are You Cyber Secure? (Business Software Alliance)
  Information Security Management: Learning from Leading Organizations (General Accounting Office)
  Information Security Risk Assessment: Practices of Leading Organizations (General Accounting Office)
  Organized Crime and Cyber-Crime: Implications for Business (Phil Williams, CERT Coordination Center)
Information Systems Security Association (ISSA): ISSA is a not-for-profit international organization of information security professionals. It provides education forums, publication and professional networking opportunities that enhance the knowledge, skill and professional growth of its members.
Information Systems Security Association (Los Angeles Chapter): If you're in LA, please join us for lunch on the 3rd Wednesday of each month.
Information Systems Audit and Control Association (ISACA): The recognized global leader in IT governance, control and assurance.
CERT: The CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, at the Software Engineering Institute, a federally funded R&D center operated by Carnegie Mellon University.
Continuity Insights: Bimonthly publication devoted to executive strategies to assure enterprise-wide integrity, availability and security.
Computer Security Institute: CSI is a leading membership organization dedicated to serving and training the information, computer and network security professional.
Common Vulnerabilities and Exposures (CVE): A list of standardized names for vulnerabilities and other information security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures. The site is hosted by the Mitre Corporation.
Generally Accepted System Security Principles, drafted and maintained by the International Information Security Foundation.
Linux Security.com: The Internet's central source of news, insights, security advisories and other information regarding Linux and Open Source security issues.
National Infrastructure Protection Center: Managed by the FBI, NIPC's mission is to serve as the US government's focal point for threat assessment, warning, investigation, and response for threats or attacks against our critical infrastructures.
Computer Security Research Center, developed and maintained by the U.S. Department of Commerce.
SANS Institute Online: The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization.
SecurityFocus: A leading provider of security intelligence products and services for business.
Information Security Reading List
  Avoiding Cyber-Fraud in Small Businesses: What Auditors and Owners Need to Know, Jack Bologna & Paul Shaw, Wiley, 2000
  At-Large: The Strange Case of the World's Biggest Internet Invasion, David Freedman & Charles Mann, Simon & Schuster, 1997
  CISSP Certification Exam Guide, Shon Harris, CISSP, MCSE, Osborne, 2003
  Computers at Risk: Safe Computing in the Information Age, National Research Council, United States, National Academy Press, 1991
  Computers Under Attack: Intruders, Worms, and Viruses, Peter Denning, ACM Press, 1990
  The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, Clifford Stoll, Doubleday, 1989
  Information Warfare, Winn Schwartau, Thunder's Mouth Press, 1994
  Information Warfare and Security, Dorothy Denning, Addison Wesley, 1999
  Managing Information Security Risks: The Octave SM Approach, Christopher Alberts, Audrey Dorofee, Addison Wesley, 2003
  Risk Analysis and the Security Survey, 2nd Ed., James Broder, Butterworth-Heinemann, 1999
  Spectacular Computer Crimes, Buck BloomBecker, Dow Jones-Irwin, 1990
  Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace, Richard Power, Que Publishing, 2000
© Copyright 2002 - 2006. Citadel Information Group, Inc. All Rights Reserved.