National / International Information Security Organizations
FIRST (Forum of Incident Response and Security Teams) provides a forum for facilitating trusted interactions among incident response and security teams. Assistance for interactions is available on either a team to team basis (through introduction to teams) or by using the FIRST infrastructure to share information among all members in a secure way. The increased ability to communicate with peer entity teams allows for faster resolution of computer security incidents, regardless of their source, destination, or transit path.
The ISACA (Information Systems Audit and Control Association) exists to assist IT governance, control and assurance stakeholders deal with IT management, IT risk and IT process, and their interaction with corporate governance, corporate management, corporate risks and corporate processes. ISACA does that by providing value through various services, such as research, standards, information, education, CISA certification, and professional advocacy. The Association helps IS audit, control and security professionals focus not only on IT, IT risks and security issues, but also on the relationship between IT and the business, business processes and business risks.
FedCIRC (The Federal Computer Incident Response Center) is the federal civilian agencies’ trusted focal point for computer security incident reporting, prevention, and response. FedCIRC is part of the National Cyber Security Division (NCSD), a division of the Information Analysis and infrastructure Protection (IAIP) Directorate in the Department of Homeland Security.
The (ISC)2 is an international organization dedicated to the certification of Information Systems Security professionals and practitioners. (ISC)2 grants the Certified Information Systems Security Practitioner (CISSP) designation to information systems security practitioners. Candidates are required to pass a rigorous CISSP examination, have eight years of experience, and subscribe to the (ISC)2 Code of Ethics.
SANS is a cooperative research and education organization through which more than 62,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions for challenges they face. As a part of this effort, SANS offers a series of exceptional educational conferences featuring up to eight days of in-depth courses and multi-track technical conferences focusing on user experiences and problem solving. SANS also produces a series of cooperative research reports, electronic digests, posters of authoritative answers to current questions, and cooperatively-created software.
The CERT (Computer Emergency Response Team) Coordination Center, studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops information to help you improve security at your site.