top of page

Resources

NIST (National Institute of Standards and Technology) - U.S. Department of Commerce
www.nist.gov

Cybersecurity Framework

NIST Special Publications
SP 800 series - Computer security

  • 800.83 - Guide to Malware Incident Prevention and Handling for Desktops and Laptops

  • 800.40 - Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology

  • 800.184 - Guide for Cybersecurity Event Recovery

  • 800.46 - Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security

  • 800.215 - Guide to a Secure Enterprise Network Landscape

SP 1800 series - Cybersecurity practice guides

  • 1800.31 - Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways

  • 1800.17 - Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers

  • 1800.25 - Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

  • 1800.26 - Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

  • 1800.35 - Implementing a Zero Trust Architecture

SP 500 series - Information Technology

  • 500.9 - The Use of Passwords for Controlled Access to Computer Resources

  • 500.27 - Computer Security and the Data Encryption Standard: Proceedings of the Conference on Computer Security and the Data Encryption Standard

  • 500.166 - Computer Viruses and Related Threats: a Management Guide

 

ISO (International Organization for Standardization)
www.iso.org
International Standards

  • ISO/IEC 27032:2023 Cybersecurity - Guidelines for Internet security

  • ISO/IEC 27071:2023 Cybersecurity - Security recommendations for establishing trusted connections between devices and services

  • ISO/IEC TS 27110:2021 Information technology, cybersecurity and privacy protection - Cybersecurity framework development guidelines

  • ISO/IEC TS 27100:2020 Information technology — Cybersecurity — Overview and concepts

  • ISO/IEC 18045:2022 Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Methodology for IT security evaluation

​

FBI (Federal Beurue of Investigations)
www.fbi.gov/cybercrime
Provides information, common risks, and safety tips to protect yourself from cybercrime

​

CISA (Cybersecurity and Infrastructure Security Agency)
www.cisa.gov
Free Services and Tools include:

  • Connect with a Regional Cybersecurity Advisor

  • Sign up for Cyber Hygiene Services

  • Create a Cybersecurity Performance Goal Assessment

bottom of page