ÃÛÌÒÊÓƵ

Cyber Institute Resources

Cybersecurity Education Support Organizations

The NCL is a 501(c)(3) non-profit founded in May 2011 to provide an ongoing virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills using next-generation high-fidelity simulation environments.
The National CyberWatch Center is a consortium of higher education institutions, public and private schools, businesses, and government agencies focused on collaborative efforts to advance cybersecurity education and strengthen the national cybersecurity workforce. ÃÛÌÒÊÓƵ Technical College is a member of National CyberWatch Center.
NSA and the Department of Homeland Security (DHS) jointly sponsor the National Centers of Academic Excellence in Cyber Defense (CD) Education (CAE-CDE), Two-Year Education (CAE-2Y) and Research (CAE-R) programs. The goal of these programs is to reduce vulnerability in our national information infrastructure by promoting higher education and research in CD and producing a growing number of professionals with CD expertise in various disciplines. Students attending CAE-CDE and CAE-R schools are eligible to apply for scholarships and grants through the Department of Defense Information Assurance Scholarship Program and the Federal Cyber Service Scholarship for Service Program.
The National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST), is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development. The mission of NICE is to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development. NICE fulfills this mission by coordinating with government, academic, and industry partners to build on existing successful programs, facilitate change and innovation, and bring leadership and vision to increase the number of skilled cybersecurity professionals helping to keep our Nation secure.

The National Science Foundation (NSF) is an independent federal agency created by Congress in 1950 "to promote the progress of science; to advance the national health, prosperity, and welfare; to secure the national defense..." NSF is vital because we support basic research and people to create knowledge that transforms the future. This type of support:

  • Is a primary driver of the U.S. economy.
  • Enhances the nation's security.
  • Advances knowledge to sustain global leadership.

 

Federal Cyber Security Organizations

(DTIC) The Defense Technical Information Center (DTIC®) has served the information needs of the Defense community for more than 70 years. DTIC reports to the Assistant Secretary of Defense For Research and Engineering (ASD(R&E)). DTIC’s mission is to provide essential, technical research, development, testing and evaluation (RDT&E) information rapidly, accurately and reliably to support DoD needs.
(IAD) The Information Assurance (IA) Mission at the National Security Agency (NSA) serves a role unlike that of any other U.S. Government entity. National Security Directive (NSD) 42 authorizes NSA to secure National Security Systems, which includes systems that handle classified information or are otherwise critical to the military or intelligence activities. IAD partners with government, industry, and academia to execute the Information Assurance mission.
(IASE)

The Information Assurance Support Environment (IASE) provides one-stop access to Cybersecurity information, policy, guidance and training for cybersecurity professionals throughout the DoD. Some portions of the site are also available to the remainder of the Federal Government and the general public. These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. DISA is mandated to support and sustain the IASE as directed by DoD 8500.1 and DODD 8140.01.

(NIAP) NIAP is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body. NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements. In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S.
(US-CERT)

US-CERT strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world.

 

Societies and Organizations

(ACM) ACM, the world's largest educational and scientific computing society, delivers resources that advance computing as a science and a profession. ACM provides the computing field's premier Digital Library and serves its members and the computing profession with leading-edge publications, conferences, and career resources.
(IEEE)

IEEE is the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. IEEE and its members inspire a global community through its highly cited publications, conferences, technology standards, and professional and educational activities.

(ISC)²

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Universally recognized as the Gold Standard in information security certifications.

(ISSA) The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.
(ISOC)

The Internet Society (ISOC) is an American, non-profit organization founded in 1992 to provide leadership in Internet-related standards, education, access, and policy. It states that its mission is "to promote the open development, evolution and use of the Internet for the benefit of all people throughout the world".

The National Academy of Sciences was established in 1863 by an Act of Congress, signed by President Lincoln, as a private, nongovernmental institution to advise the nation on issues related to science and technology. Members are elected by their peers for outstanding contributions to research.
(NIST) The National Institute of Standards and Technology (NIST) was founded in 1901 and now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. industrial competitiveness at the time. NIST is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Its mission is to promote innovation and industrial competitiveness.
(OWASP) The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.
The SANS Institute (officially the Escal Institute of Advanced Technologies) is a private U.S. for-profit company founded in 1989 that specializes in information security and cybersecurity training. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and audit. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The Institute has been recognized for its training programs[3] and certification programs.[4] SANS stands for SysAdmin, Audit, Network and Security.
(SWGDE) The Scientific Working Group on Digital Evidence (SWGDE) brings together organizations actively engaged in the field of digital and multimedia evidence to foster communication and cooperation as well as to ensure quality and consistency within the forensic community.

 

Standards Organizations

(ANSI)

The Institute oversees the creation, promulgation and use of thousands of norms and guidelines that directly impact businesses in nearly every sector: from acoustical devices to construction equipment, from dairy and livestock production to energy distribution, and many more. ANSI is also actively engaged in accreditation - assessing the competence of organizations determining conformance to standards.

(IEEE)

IEEE is the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. IEEE and its members inspire a global community through its highly cited publications, conferences, technology standards, and professional and educational activities.

(ISO)

ISO is an independent, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges. International Standards make things work. They give world-class specifications for products, services and systems, to ensure quality, safety and efficiency. They are instrumental in facilitating international trade.

(IAB) The IAB is chartered both as a committee of the Internet Engineering Task Force (IETF) and as an advisory body of the Internet Society (ISOC). Its responsibilities include architectural oversight of IETF activities, Internet Standards Process oversight and appeal, and the appointment of the RFC Editor. The IAB is also responsible for the management of the IETF protocol parameter registries.
(IANA)

IANA allocates and maintains unique codes and numbering systems that are used in the technical standards (“protocols”) that drive the Internet.

  • Management of the DNS Root, the .int and .arpa domains, and an IDN practices resource.

  • Co-ordination of the global pool of IP and AS numbers, primarily providing them to Regional Internet Registries.

  • Internet protocols’ numbering systems are managed in conjunction with standards bodies.

(ICANN) ICANN is a not-for-profit public-benefit corporation with participants from all over the world dedicated to keeping the Internet secure, stable and interoperable. It promotes competition and develops policy on the Internet's unique identifiers. Through its coordination role of the Internet's naming system, it does have an important impact on the expansion and evolution of the Internet. ICANN coordinates the allocation and assignment of names in the root zone of the Domain Name System ("DNS") and coordinates the development and implementation of policies concerning the registration of second-level domain names in generic top-level domains ("gTLDs").
(IETF) The IETF's mission is "to make the Internet work better," but it is the Internet Engineering Task Force, so this means: make the Internet work better from an engineering point of view. We try to avoid policy and business questions, as much as possible. If you're interested in these general aspects, consider joining the Internet Society. Most participants in the IETF are engineers with knowledge of networking protocols and software. Many of them know a lot about networking hardware too.
(IRTF) The Internet Research Task Force (IRTF) focuses on longer term research issues related to the Internet while the parallel organization, the Internet Engineering Task Force (IETF), focuses on the shorter term issues of engineering and standards making. The IRTF is a composed of a number of focused and long-term Research Groups. These groups work on topics related to Internet protocols, applications, architecture and technology. Research Groups have the stable long term membership needed to promote the development of research collaboration and teamwork in exploring research issues. Participation is by individual contributors, rather than by representatives of organizations.
(ISOC) The Internet Society (ISOC) is an American, non-profit organization founded in 1992 to provide leadership in Internet-related standards, education, access, and policy. It states that its mission is "to promote the open development, evolution and use of the Internet for the benefit of all people throughout the world".
(ITU) ITU allocates global radio spectrum and satellite orbits, develop the technical standards that ensure networks and technologies seamlessly interconnect, and strive to improve access to information and communication technologies to underserved communities worldwide.
(NIST) The National Institute of Standards and Technology (NIST) was founded in 1901 and now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. industrial competitiveness at the time. NIST is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Its mission is to promote innovation and industrial competitiveness.
Advancing the state-of-the-art in IT in such applications as cyber security and biometrics, NIST accelerates the development and deployment of systems that are reliable, usable, interoperable, and secure; advances measurement science through innovations in mathematics, statistics, and computer science; and conducts research to develop the measurements and standards infrastructure for emerging information technologies and applications.

(OMG)

OMG's cybersecurity standards help protect software assets from unauthorized access and penetrations, outages, data corruption, and other operational problems. OMG® modeling language standards also ensure that security is designed upfront as part of a principled design process. Cyber threats facing a nation's critical infrastructure, mission-critical systems, or any Internet of Things (IoT) system, demand a cyber infrastructure that matches their combined enormity and complexity.
The PCI Security Standards Council is a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security. PCI helps merchants and financial institutions understand and implement standards for security policies, technologies and ongoing processes that protect their payment systems from breaches and theft of cardholder data. PCI helps vendors understand and implement standards for creating secure payment solutions.
(TIA) The Telecommunications Industry Association (TIA) is the leading trade association representing the global information and communications technology (ICT) industry through standards development, policy initiatives, business opportunities, market intelligence and networking events. With support from hundreds of members, TIA enhances the business environment for companies involved in telecom, broadband, mobile wireless, information technology, networks, cable, satellite, unified communications, emergency communications and the greening of technology. TIA is accredited by the American National Standards Institute (ANSI) as a "standards developing organization (SDO)”.

Wi-Fi Alliance is a non-profit organization that promotes Wi-Fi technology and certifies Wi-Fi products if they conform to certain standards of interoperability. Not every IEEE 802.11-compliant device is submitted for certification to the Wi-Fi Alliance, sometimes because of costs associated with the certification process. The lack of the Wi-Fi logo does not necessarily imply a device is incompatible with Wi-Fi devices. The Wi-Fi Alliance owns the Wi-Fi trademark. Manufacturers may use the trademark to brand certified products that have been tested for interoperability.

(W3C) The World Wide Web Consortium (W3C) is an international community where Member organizations, a full-time staff, and the public work together to develop Web standards. The W3C mission is to lead the World Wide Web to its full potential by developing protocols and guidelines that ensure the long-term growth of the Web.

 

Useful Web Sites

A Glossary of Computer Oriented Abbreviations and Acronyms
| Carnegie Mellon University Working with software vendors, CERT helps resolve software vulnerabilities. CERT develops tools, products, and methods to help organizations conduct forensic examinations, analyze vulnerabilities, and monitor large-scale networks. CERT helps organizations determine how effective their security-related practices are. And CERT shares their work at conferences; in blogs, webinars, and podcasts; and through our many articles, technical reports, and white papers. CERT collaborates with high-level government organizations, such as the U.S. Department of Defense and the Department of Homeland Security (DHS); law enforcement, including the FBI; the intelligence community; and many industry organizations.
(CVE) CVE is a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. CVE's common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
(CWW) The CyberWatch West Center is committed to improving the quantity and quality of existing cybersecurity resources and building upon these resources to develop effective training and teaching modules. By concentrating on student development; professional development; and curriculum development, revision, and dissemination, CyberWatch West incorporates effective outreach efforts to raise awareness and build viable partnerships among academia and industry.

Directory of Computer Science Journals

(FOLDOC) FOLDOC is a searchable dictionary of acronyms, jargon, programming languages, tools, architecture, operating systems, networking, theory, conventions, standards, mathematics, telecoms, electronics, institutions, companies, projects, products, history, in fact anything to do with computing.
(JIACS) JIACS is a peer reviewed international journal presenting scholarly works on information security to the benefit of the industrial and academic community, as well as to the cognizant government agencies. The Journal serves as a forum for authors who wish to present their original scientific findings — theories, methodologies, and applications — to the global information security community.
The NCWF NIST Special Publication 800-181, is a national resource that categorizes and describes cybersecurity work. The NCWF provides employers, employees, educators, students, and training providers with a common language to define cybersecurity work as well as a common set of tasks and skills required to perform cybersecurity work. Through the process of identifying the cybersecurity workforce and using a standard set of terms we can work together to educate, recruit, train, develop, and retain a highly-qualified workforce.
(Secure Web Development Teaching) SWEET (Secure WEb Development Teaching) is a set of portable teaching modules for secure web development. SWEET features eight teaching modules, six project modules and a virtualized web development platform that allows instructors to conduct hands-on laboratory exercises. The purpose of this project is to enhance the learning experience of computing students through standardized teaching modules and environment in secure web development. We have adopted this teaching tool to introduce web security concepts in both undergraduate and graduate courses. Each SWEET teaching module will be enough for a three-hour class containing lecture materials and hands-on laboratory exercises that are relevant to the contents in the lectures.