Nagan Research Group LLC

The links below, some of which are ours, are sources of cyber related information that you may find useful.

(click on the link to get the material or go to the site)

Papers

 

Management Guide for Fighting Cyber Predators—A short paper providing an overview of how to develop a strategy to fight the cyber predators we all face every day.

 

Self Assessments

 

Cyber Security Culture Barometer— a free self assessment of the how supportive your organizations culture is towards cyber security

 

Videos

 

Cyber Exposure—A five minute video providing a quick overview of our strategy and approach.      

Cyber Wack-a-Mole—A short video providing background on cyber wack-a-mole

 

Courses & Webinars

 

Understanding Cyber Exposure—A short course available through the Cyber Risk Academy providing background material for understanding cyber exposures.

 

Advanced Cyber Exposure Management Part 1—The first of a two part course that provides introduction to identifying  cyber exposures.

 

Advanced Cyber Exposure Management Part 2—The second part of the course which provices information on how to manage cyber exposures

 

Cyber Exposure Management—Why should you care? - This webinar will bring the following points to your attention: How Cyber exposures can hurt your organization in multiple ways; How Cyber exposures are not confined to purely technical areas; How If not addressed cyber threats will harm your organization 

 

Publications

 

effective Cyber Exposure Management— Available on Amazon. An introduction to understanding, identifying and managing cyber exposure.

 

effective Enterprise Risk Management—   Available on Amazon. A primer on effective enterprise risk management.

 

Standards: Example of widely accepted risk management standards are as follows. It should be noted that there are charges for many of their standards.

ISO (http://www.coso.org/guidance.htm ) ISO 27001/27002 are the international standards for technical risk management principles and guidelines.

NIST Information Security Handbook: A Guide for Managers, http://csrc.nist.gov/publications/nistpubs/800-100/SP800-100-Mar07-2007.pdf

Personal Information: Guides from the US Government of protecting personal information.

Protecting Personal Information: A Guide for Business, Federal Trade Commission, http://www.ftc.gov/infosecurity/

 

Privacy Policies: Say What You Mean and Mean What You Say, Federal Trade Commission, http://www.ftc.gov/bcp/edu/pubs/articles/art09.shtm

In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act, http://www.ftc.gov/bcp/conline/pubs/buspubs/glbshort.shtm

Information Compromise and the Risk of Identity Theft: Guidance for Your Business, Federal Trade Commission, http://www.ftc.gov/bcp/edu/pubs/business/idtheft/bus59.shtm

Cyber Threats: The following sites provide information regarding cyber threats.

CERT National Cyber Alert System, http://www.us-cert.gov/cas/signup.html

SANS Institute @RISK: The Consensus Security Alert, http://www.sans.org/newsletters/risk/?portal=6ea651380cdb76a250c69e382baf5c61

FBI’s Internet Crime Complaint Center: http://www.ic3.gov/default.aspx

IBM’s Cyber Security Intelligence Index: You have to fill out a form but the information covers the world and can be a great help.

https://www-03.ibm.com/security/data-breach/cyber-security-index.html

Threat Assessment:

An Introduction to Computer Security: The NIST Handbook Chapters 14 and 18, National Institute of Standards and Technology,http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf

Common Sense Guide to Prevention and Detection of Insider Threats, United States Computer Emergency Readiness Team, http://www.us-cert.gov/reading_room/

 

An Introduction to Computer Security: The NIST Handbook, http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf

© 2017 All rights reserved Nagan Research Group LLC

  NRG CONTACT INFO

  info@naganresearchgroup.com