Government security organizations#
Governments worldwide provide good advice for dealing with cyber security risks. Some advice and tips for other governments organisations but also for citizens and private companies.
Reinventing the wheel is a waste of energy and resources. Put effort on reuse already existing information. Below a collection of governmental foundations that provide good and open information on cyber security.
This collection of Public security agencies are often governmental organization but also Universities or foundation that are funded and setup by governments and work in the general interest for the public.
Public security agencies#
Australian Cyber Security Centre (ACSC)
The Australian Cyber Security Centre (ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online. We monitor cyber threats across the globe 24 hours a day, seven days a week, so we can alert Australians early on what to do.
Australian Strategic Policy Institute (ASPI)
Core aim is to provide the Australian Government with fresh ideas on Australia’s defence, security and strategic policy choices. .auCheck provides a series of tests that check whether your internet services follow standards advised by the Australian government and are up to date. .auCheck is a non-commercial, independent and free service. Our mission is to empower users, in particular Australian small businesses, to ask the right questions and request up-to-date services from their providers.
Cybersecurity Library of US DoD
Great collection of links to valuable security resources. Use it and improve it for your context! Also using these resources is good for inspiration when you need to create your own security architecture or how to perform a complex risks analyses in a large environment. Zero Trust is everywhere, but I like the DoD created Zero Trust reference architecture
ENISA
The European Union Agency for Cybersecurity.
French Cybersecurity Agency
French Cybersecurity Agency (ANSSI)
Luxembourg House of Cybersecurity
Luxembourg House of Cybersecurity is the backbone of leading-edge cyber resilience in Luxembourg and aims at capitalising on and further developing innovation, competencies, collaboration and capacity building.
Luxembourg National Cybersecurity Competence Center (NC3)
The NC3 mission is to support the Luxembourg ecosystem in building cybersecurity competence and capacity. They produce some nice FOSS tools, check it here.
NIST General information
The National Institute of Standards and Technology (NIST) is now part of the U.S. Department of Commerce. It sets standards and guidelines for Cyber Security.
New Zealand Information Security Manual
Great IS manual. The New Zealand Information Security Manual details processes and controls essential for the protection of all New Zealand Government information and systems. Controls and processes representing good practice are also provided to enhance the baseline controls. Use and reuse this manual for your governmental organisation or company.
No-More-Ransom
The “No-More-Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
The Federal Risk and Authorization Management Program (FedRAMP)
Provides a standardized approach to security authorizations for Cloud Service Offerings. With many (free)templates!
The National Cyber Security Centre(UK)
All standards, information and tips from the UK government. Aim of this initiative is “Making the UK the safest place to live and work online”.
The University of Iowa Information Security and Policy Office
Great website from IOWA university with ready to use and REUSE examples of everything you need to set up an security department. Great example. Offers courses, list standards, offerts policies(examples) and more!