Cybersecurity
General
Australian Signals Directorate (ASD) – Australian Cyber Security Centre (ACSC)
ACSC Threat Report 2017
What Executives Should Know About Cyber Security
National Institutes of Standards and Technology (NIST)
SP 800-12 Rev.1 An Introduction to Information Security
SP 800-50 Building an Information Technology Security Awareness and Training Program
SP 800-53 Rev.4 Security and Privacy Controls for Federal Information Systems and Organizations
SP 800-53 Rev.5-DRAFT Security and Privacy Controls for Information Systems and Organizations
SP 800-61 Rev.2 Computer Security Incident Handling Guide
SP 800-82 Rev.2 Guide to Industrial Control Systems (ICS) Security
SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
SP 800-88 Rev.1 Guidelines for Media Sanitization
SP 800-183 Networks of ‘Things’
SP 800-184 Guide for Cybersecurity Event Recovery
Q-CERT National Information Security Center
Electronic Signature Formats Standards – English v1.0
Electronic Signature Algorithms Standard – English v1.0
Electronic Signature Overview & Specification – English v1.0
ISRMF Management Training – English v1.2
ISRMF Management Report – English v1.2
Information Security Risk Register – English v1.2
Information Security Risk Management Procedure (ISRMP) – English v1.2
Information Security Risk Management Framework (ISRMF) – English v1.2
Information Security Risk Management Framework – Appendix – English v1.2
Industrial Control Systems
Electric Power
Australian Signals Directorate (ASD) – Australian Cyber Security Centre (ACSC)
North American Electric Reliability Corporation (NERC) CIP Standards
CIP-002-5.1a BES Cyber System Categorization
CIP-003-6 Security Management Controls
CIP-004-6 Personnel & Training
CIP-005-5 Electronic Security Perimeter
CIP-006-6 Physical Security of BES Cyber Systems
CIP-007-6 Systems Security Management
CIP-008-5 Incident Reporting and Response Planning
CIP-009-6 Recovery Plans for BES Cyber Systems
CIP-010-2 Configuration Change Management and Vulnerability Assessments
CIP-011-2 Information Protection
CIP-014-2 Physical Security
National Institutes of Standards and Technology (NIST)
General
Agence Nationale de la Sécurité des Systèmes d’information (ANSSI)
Cybersecurity for ICS – Classification Method and Key Measures
Cybersecurity for ICS – Detailed Measures
Cybersecurity for ICS – Managing Cybersecurity for ICS
Cybersecurity for ICS – Practical Case off a Road Tunnel – Part 1: Classification
Cybersecurity for ICS – Practical Case off a Road Tunnel – Part 2: Measures
Cybersecurity for ICS – Use Case
European Union Agency for Network and Information Security (enisa)
Protecting ICS Report – Good practices for an EU ICS testing coordination capability
Protecting ICS – Annex I: Desktop Research Results
Protecting ICS – Annex II: Survey and Interview Analysis
Protecting ICS – Annex III: ICS Security Related Standards, Guidelines, and Policy Documents
Protecting ICS – Annex IV: ICS Security Related Initiatives
Protecting ICS – Annex V: Key Findings
Protecting ICS – Annex VI: Minutes of the Workshop
National Institutes of Standards and Technology (NIST)
SP 800-82 Rev.2 Guide to Industrial Control Systems (ICS) Security
Q-CERT National Information Security Center
National ICS Security Standard (English)
National ICS Security Standard (Arabic)
Healthcare
European Union Agency for Network and Information Security (enisa)
Security and Resilience in eHealth Infrastructures and Services
Smart Hospitals
Maritime
European Union Agency for Network and Information Security (enisa)
Analysis of Cyber Security Aspects in the Maritime Sector
Water
American Water Works Association
Cybersecurity Risk & Responsibility in the Water Sector
Process Control System Security Guidance for the Water Sector
Cybersecurity in the Water Sector
Department for Environment Food & Rural Affairs
Water Sector Cyber Security Strategy