I’ve added useful information on Cyber Security and Data Science degrees to my list of sources. Although the websites – suggested by Cheri Shallenberger, Senior Editor, STEM Explorer (US) – provide comprehensive details, the Universities/Institutions are US-based.
OASIS Cyber Threat Intelligence Technical Committee(CTI TC)
Extracted information from the site;
Overview
The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. In the initial phase of TC work, three specifications will be transitioned from the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).
The OASIS CTI Technical Committee will:
define composable information sharing services for peer-to-peer, hub-and-spoke, and source subscriber threat intelligence sharing models
develop standardized representations for campaigns, threat actors, incidents, tactics techniques and procedures (TTPs), indicators, exploit targets, observables, and courses of action
develop formal models that allow organizations to develop their own standards-based sharing architectures to meet specific needs
I will certainly be interested in the ‘incidents, indicators, observables and courses of action’. Anything shareable is worth researching.
The Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool
The news release at FFIEC Releases Cybersecurity Assessment Tool
Here’s the extracted news;
FFIEC Releases Cybersecurity Assessment Tool
The Federal Financial Institutions Examination Council (FFIEC), on behalf of its members, today released a Cybersecurity Assessment Tool (Assessment) to help institutions identify their risks and assess their cybersecurity preparedness.
Financial institutions of all sizes may use the Assessment and other methodologies to perform a self-assessment and inform their risk management strategies. The release of the Cybsercurity Assessment Tool follows last year’s pilot assessment of cybersecurity preparedness at more than 500 institutions. The FFIEC members plan to update the Assessment as threats, vulnerabilities, and operational environments evolve.
In addition to the Assessment, the FFIEC has also made available resources institutions may find useful, including an executive overview, a user’s guide, an online presentation explaining the Assessment, and appendices mapping the Assessment’s baseline maturity statements to the FFIEC Information Technology Examination Handbook, mapping all maturity statements to the National Institute of Standards and Technology’s Cybersecurity Framework, and providing a glossary of terms.
The FFIEC members are also encouraging institutions to comment on the Assessment through an upcoming Paperwork Reduction Act notice in the Federal Register.
The FFIEC provides several resources to further awareness of cyber threats and help financial institutions improve their cybersecurity. These resources are available on the FFIEC website at http://www.ffiec.gov/cybersecurity.htm.