Government-affiliated resources, publications, and literature

  • CAE Community: Resources for CAE schools, or those interested in becoming one. www.caecommunity.org
  • CAE Tech Talks - Monthly technical seminars are provided by NSA/DHS online and for free. These lectures by experts across the country are recorded and stored. Watch videos, view pdf lecture slides.
  • DHS on IoT cybersecurity: Fix it or get sued (2016). DHS issued a new document, "Strategic Principles for Securing the Internet of Things (IoT)". View pdf. View article about it.
  • DHS Secretary's Honors Program Cyber Student Volunteer Initiative (2015). The U.S. Department of Homeland Security (DHS) launched the Secretary’s Honors Program Cyber Student Volunteer Initiative. DHS placed undergraduate student volunteers in cybersecurity-focused assignments. Read full article.
  • NICE: Cyberseek.org. To help close the cybersecurity skills gap, CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market. Includes an supply/demand jobs interactive map, and information about career pathways.
  • NICE: National Initiative for Cybersecurity Education. The National Cybersecurity Workforce Framework was developed to provide a common understanding and lexicon for cybersecurity work. They define the cybersecurity population consistently and use standardized terms. This is an essential step to ensure that our country is able to educate, recruit, train, develop, and retain a highly-qualified workforce. View NICE Frameworks here.
  • NIST publishes massive report on IoT cybersecurity needs (2016). The White House issued cybersecurity guidelines for Internet of Things (IoT) devices through a 257-page report developed by the National Institute of Standards and Technology. View pdf.
  • NIST Cyber Security Framework Reference Tool. The NIST CSF reference tool is a FileMaker runtime database solution. The Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and consists of five functions - Identify, Protect, Detect, Respond, Recover. When considered together they provide a high-level, strategic view of the lifecycle of an organization's management of cybersecurity risk. Visit site.
  • NIST Special Publication 800-30 Guide for Conducting Risk Assessments. Visit site.
  • NIST Framework for Improving Critical Infrastructure Cybersecurity (2014). View pdf.
  • Software Engineering Institute Podcasts: The Software Engineering Institute (SEI) is a federally funded research and development center (FFRDC) sponsored by the U.S. Department of Defense (DoD) and operated by Carnegie Mellon University. About one hundred podcasts have been created since 2012. Find a podcast.
     

 

Not-for-profit publications, literature, and initiatives

  • AIRMIC: A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000 (2010). View the ISO Risk Management Framework
  • COBIT 5 is the latest edition of ISACA’s globally accepted framework, providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises. The principles, practices, analytical tools and models found in COBIT 5 embody thought leadership and guidance from business, IT and governance experts around the world. View framework.
  • COSO: The Committee of Sponsoring Organizations of the Treadway Commission is a joint initiative of the five private sector organizations listed on the left and is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence. View the GRC Framework here.
  • CSFI: Senior Cyber Leadership: Why a Technically Competent Cyber Workforce Is Not Enough (2013). Prepared by The Cyber Security Forum Initiative (CSFI) this 27 page report identifies the 10 General Findings and Observations concerning Cyber Leaders. CSFI discusses the seven graduate level programs addressing the development of the next generation of Cyber Leader. Read full article.
  • CSIS: A Human Capital Crisis In Cybersecurity: Technical Proficiency Matters (2010). A White paper of the CSIS Commission on Cybersecurity for the 44th Presidency. This 53 page report provides a comprehensive approach to addressing the shortage of cybersecurity professionals with a variety of remedies. Provided by the Center for Strategic and International Studies. Read full article.
  • CTFtime.org: This website is dedicated to Capture-the-Flag (CTF) competitions holding CTF archives and team rankings (look to see where UW Batman's Kitchen scores). There is other CTF-related information as well, including upcoming worldwide competitions.
  • Cyberlimpics: Global CyberLympics’ goal is to raise awareness towards increased education and ethics in information security through a series of cyber competitions that encompass forensics, ethical hacking and defense. One key initiative for Global CyberLympics is to foster an environment that creates child online protection through education. View website.
  • PPS: Cyber IN-SECURITY: Strengthening the Federal Cybersecurity Workforce (2009). This 36 page report collaborative prepared by the Partnership for Public Service and Booz Allen Hamilton supports the findings of earlier research that the federal government needs more skilled cybersecurity professionals. The report provides recruiting, hiring and retention information to agencies seeking to hire this illusive workforce commodity. Read full article.

 

Industry-affiliated publications, literature, and initiatives

  • Readying the Next Generation Cyber Workforce: Acquiring, Developing and Retaining Cyber Professionals (2010). This 16 page analysis by Booz Allen Hamilton presents a case study to address the growing demand for educated well trained, and experienced cyber workforce that covers an organization’s “Cyber Workforce Lifecycle”. Read full article.
  • Cybersecurity Professional Trends: A SANS Survey (2014). SANS Salary survey provides an overview of the cybersecurity workforce. Resources provide a balanced approach of education, experience, certifications that lead to significant career in this rapidly expanding career field. Read full article.