Other Consortia
Over many years now, we have developed working relationships with other industry groups and consortia who work on information security solutions. These liaisons wax and wane according to the priority and level of involvement of particular development work. For convenience and visibility, we maintain a list of information security consortia. It is not intended to be an exclusive list, but if you notice a significant omission or expired inclusion, please contact us to tell us to update it.
Information sources
The remainder of this page gives an extensive list of useful links to Web sites
maintained by other organizations who are active in information security. The range of
information accessible through these links is enormous, reflecting the number of
organizations and consortia involved and the huge variety of information available.
To assist you in find what you are seeking, the following groupings are used:
Other Information Sourcing Sites
The Information Society Technologies (IST) Web
pages give a wealth of links to useful information sources. In particular, its Information Security Standards Web page
lists link to Active Forums and to Security Standards by market sector.
The Computer and Communication
Web page gives a more general overview of links to current standards activities and who is
doing them, across all areas of Information Technology.
Consortia, Organizations and Associations
ABA
ISC: American Bar Association, Information Security Council
http://www.abanet.org/
ACSE:
Applied Computer Security Associates
http://www.acsac.org
ANSI (the American National Standards Institute),
http://www.ansi.org/home.html
Go to http://webstore.ansi.org/ansidocstore,
select the NCITS (Information Technology) standards category, then select "Standards
search" and do a "Lookup" on "security". This produces an
extensive list of standards.
ASIS:
American Society for Industrial Security
http://www.asisonline.org
BSI:
British Standards Institute
http://www.bsi-global.com/
Go to http://www.bsi-global.com/Information+Security+Homepage/index.xalter
Note: BS7799 - Toward Standardization of Information Security.
CIO: Chief Information Officer
http://www.cio.com
Has an "Analyst Corner", and other areas that address security issues.
Their new resource for security executives is CSO Magazine - http://www.csoonline.com/
CIS:
Center for Internet Security
http://www.cisecurity.org
Particularly recommended is their Security Cookbook -
http://www.internetweek.com/story/INW20010718S0011
COBIT: see ISACA
CSIS:
Center for Secure Information Systems
http://www.isse.gmu.edu/~csis
HTCIA:
High Technology Crime Investigation Association
http://htcia.org
I4
- International Information Integrity Institute
https://i4online.com
IACSS:
International Association for Computer Systems Security, Inc.
http://www.iacss.com/
IEEE:
Institute of Electrical and Electronics Engineers, Inc.
http://www.ieee.org/index.html
IETF:
the Internet Engineering Task Force
http://www.ietf.cnri.reston.va.us/home.html
IFIP:
International Federation for Information Processing (IFIP) Technical Committee 11 (TC-11)
on Security and Protection in Information Systems
http://www.ifip.tu-graz.ac.at/TC11/
I2SF: International Information Security Foundation
http://w3.mit.edu/security/www/gassp1.html
Aims to Develop and Promulgate Generally Accepted System Security Principles (GASSP) - http://web.mit.edu/security/www/GASSP/GASSP.DOC
ISACA:
Information Systems Audit and Control Association
http://www.isaca.org
Provides access to their COBIT (Control Objectives for Information and related Technology),
their Standards for Information Systems Control Professionals (http://www.isaca.org/standard/stand3.htm),
and their K-NET repository of information.
iSPEC:
International Society for Professionals in E-Commerce
http://www.ispec.org/
ISSA:
Information Systems Security Association, Inc.
http://www.issa-intl.org/
ISC2:
International Information Systems Security Certification Consortium
http://www.isc2.org/
ISO:
the International Standards Organization
http://www.iso.ch/welcome.html
ISO/IEC Guidelines for the Management of IT Security (GMITS).
See http://www.diffuse.org/guides.html
and http://www.diffuse.org/secguide.html
IT
Governance Institute
http://www.itgi.org/
JTC1:
Joint Technical Committee 1 (JTC 1) and TAG (Technical Advisory Group)
http://www.jtc1tag.org
NCITS:
National Committee for Information Technology Standards (formerly X3); Technical Committee
T4
http://www.ncits.org/
National
Classification Management Society, Inc.
http://www.classmgmt.com
NCPEC:
National Coalition for the Prevention of Economic Crime
http://www.ncpec.org
NIST
(U.S.National Institute of Standards and Technology)
http://csrc.nist.gov
Look in NIST CSD (Computer Security Division) for links to various standards. One recently
recommended by a member is "Contingency Planning Guide For Information
Technology Systems," ed Elizabeth Lennon, http://csrc.nist.gov/publications/nistpubs
NSFF:
Network Security Framework Forum
http://www.nsff.org
NSI:
National Security Institute
http://www.nsi.org
NW3:
National White Collar Crime Center
http://www.nw3c.org/
OECD:
Organization for Economic Cooperation and Development
http://www.oecd.org/
PKI
Forum
http://www.pkiforum.org
SANS:
System Administration, Networking, and Security Institute
http://www.sans.org
Provides links to many standards documents.
SANS is particularly useful for accessing publications on legal issues - http://www.sans.org/infosecFAQ/legal/legal_list.htm
The
Open Group
http://www.opengroup.org/security
W3C:
The World Wide Web Consortium
http://www.w3c.org
Policy Management
Axent
Technologies, http://www.axent.com
Product: Enterprise Security Manager
BindView
Development Corporation, http://www.bindview.com
Product: bv-Control and bv-Admin
BMC Software, http://www.bmc.com
Products: BMC Control-SA
Computer Associates, http://www.ca.com
Products: eTrust product line: e-Business Security Management suite
e-Security Inc., http://www.esecurityinc.com
Product: Open e-Security Platform (OeSP) suite
Evidian,
http://www.evidian.com
Product: AccessMaster suite
Tivoli, http://www.tivoli.com
Product: Tivoli SecureWay suite
Risk Assessment
Intrusion.com, http://www.intrusion.com
Product: Kane Security Analyst
Internet Security Systems (ISS), http://www.iss.net
Products: ISS Security Scanner
Network
Associates Inc., http://www.nai.com
Product: CyberCop Scanner
Updates
To request additions, deletions and amendments to this page, please contact Loren Baynes. |