Industry Associations and Organizations
The following information security-related organizations and associations provide best practices, standards, and training opportunities to government and private industry.
- SysAdmin, Audit, Network, Security (SANS) Institute
Provides, at no cost, a collection of research documents about various aspects of information security. Two of the most popular SAN sites are:
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
Provides a central resource for states and local government for sharing information on cyber threats to critical infrastructure.
- Information Technology — Information Sharing and Analysis Center (IT-ISAC) )
Identifies threats and vulnerabilities to the infrastructure and shares best practices on how to quickly and properly address them.
- Forum of Incident Response and Security Teams (FIRST)
Provides incident prevention to stimulate rapid reaction to incidents and promotes information sharing.
- Information Systems Security Association (ISSA)
A non-profit international organization of security professionals and practitioners that provides educational forums, publications, and member participation.
- Alliance of Security Analysis Professionals (ASAP)
Provides disaster preparedness professionals methodologies, tools, and information sharing.
- ASIS International (ASIS)
Provides information on security issues and solutions to increase the effectiveness and productivity of security practices.
- Information Systems Audit and Control Association (ISACA)
Provides information regarding governance, control, security, and audit of information technology.
- High Technology Crime Investigation Association (HTCIA)
Promotes the exchange of ideas and knowledge about methods, processes, and techniques related to investigations and security in advanced technologies.
Provides for the exchange of information concerning various terrorism, intelligence, criminal, and security matters.
- International Computer Security Association (ICSA) Labs
A central authority for research, intelligence, and certification testing of products.
- (ISC)² A global, not-for-profit organization dedicated to educating and certifying information security professionals throughout their careers. Promotes the Certified Information Systems Security Professional (CISSP) certification and communicates with security professionals seeking certification.
- Disaster Recovery Institute
Provides educational services and certification for contingency planning and business continuity professionals.
- Ponemon Institute
Provides information to advance responsible information and privacy management practices in business and government.
The California Office of Information Security (Office) web site contains links to other sites that are not owned or controlled by us. The information provided at these sites does not reflect the views of this Office or indicate an endorsement of a particular company or product. Please be aware that our Office is not responsible for the security and privacy practices of such other sites.