Cybersecurity & Infrastructure Security Agency (n.d.). Downloading and installing CSET. This web page provides the link to download the Cyber Security Evaluation Tool (CSET®) on GitHub. Use the file CSETStandAlone.exe to install the software.
Center for Internet Security (n.d.). CIS center for internet security. This website provides general resource information on the current cybersecurity threat level, best practices, the latest tools used in the field, and details on CIS controls. The most relevant area to review is the Information Hub What’s New Section at the bottom of the page. This website is a valuable tool to have as a reference.
Cybersecurity & Infrastructure Security Agency of the Department of Homeland Security. (n.d.). Homepage | CISA. The Cybersecurity & Infrastructure Security Agency of the Department of Homeland Security provides up-to-date knowledge on the latest threats and vulnerabilities using bulletins, alerts, and analysis reports. The most relevant area to review is the latest public service and defense-related cybersecurity threats listed under the Current Activity section of the page. This website is a valuable tool to have as a reference.
Open Web Application Security Project (OWASP). (n.d.). Threat modeling This webpage provides valuable information on threat modeling and best practices for improving security by identifying and assessing application threats and vulnerabilities. The relevant areas of the website are Overview, Objectives of Threat Modeling, Threat Modeling Across the Lifecycle, Threat Modeling – Generic Steps, and Benefits. This website is a valuable tool to have as a reference.
Gunzel, J. A. (2017). Tackling the cyber threat: The impact of the dod’s “network penetration reporting and contracting for cloud services” rule on DOD contractor cybersecurity. Public Contract Law Journal, 46(3), 687–712. This journal article provides valuable information about the different cyber intrusions that have occurred and led to the creation of policy and procedure to mitigate the issue.
The resources below are highly suggested, optional readings that will help you with this week’s assignments.
Siegel, C. A., & Sweeney, M. (2020). Cyber strategy: Risk-driven security and resiliency. Auerbach Publications. This e-book describes cybersecurity strategies using several industry-standard frameworks discussed in this class. Some of the topics detailed are cyber risks and controls, current and target statement assessments, and measuring cybersecurity plan performance. This e-book is a valuable tool to have as a reference and specific chapters are valuable resources for the weekly assignments.
Clark, D., Berson, T., & Lin, H. S. (2014). At the nexus of cybersecurity and public policy: Some basic concepts and issues. The National Academies Press. This e-book details the issues that impact the formation of public policy and the need to factor in cybersecurity in a realistic manner through the use of compromise without catastrophe. This e-book is a valuable tool to have as a reference and specific chapters are valuable resources for the weekly assignments.