Security Links
Listed below are a range of links to security websites and others sites
that are related to the work that Meridian undertakes.
Please be aware that we are not responsible for the content; accuracy
or opinions expressed in such Web sites, and such Web sites are not investigated,
monitored or checked for accuracy or completeness by us, for further information
please refer to our term and conditions policy.
International organisations.
Information Security Forum (ISF)
Organisation membership group with international programme of workgroups,
meetings and forums.
http://www.securityforum.org/
International Information Systems Security Certification Consortium
(ISC2)
Membership organisation developing and promoting industry best practices
for information security, including those for Certified Information Systems
Security Professionals (CISSPs), Systems Security Certified Professionals
(SSCPs) and Certification and Accreditation Professionals (CAPs).
http://www.isc2.org/
International Organization for Standardization (ISO)
Developer of international standards.
http://www.iso.org/
International Electrotechnical Commission (IEC)
The international standards and conformity assessment body for all electrical,
electronic and related technologies.
http://www.iec.ch/
MasterCard International
MasterCard Worldwide manages a family of well-known, widely accepted payment
cards brands including MasterCard , Maestro and Cirrus and serves financial
community.
http://www.mastercard.com
Payment Card Industry (PCI) Security Standards Council
Card issuer (Visa, Mastercard, Amex, JCB, etc) global forum for the ongoing
development, enhancement, storage, dissemination and implementation of
security standards for account data protection.
https://www.pcisecuritystandards.org/
Pretty Good Privacy (PGP)
Pretty Good Privacy is international corporation that develops secure
products for the transmission and storage of data and information.
http://www.pgp.com
SysAdmin, Audit, Network, Security (SANS) Institute
Information on security training and certifications, research documents
and Internet early warning system for attacks such as viruses, worms and
abnormal behaviour or trends.
http://isc.sans.org/
http://www.sans.org/
Visa
Visa provides cardholder services and merchant acceptance information
on a worldwide platform.
http://www.visa.com
UK Sites
UK sites aiming to improve information security.
British Computer Society (BCS)
Professional membership organisation for information technology professionals.
http://www.bcs.org/
British Standards Institution (BSI)
BSI British Standards develops private, national and international
standards.
http://www.bsi-global.com/
Business Continuity Institute (BCI)
Promoting the best practices for business continuity management.
http://www.thebci.org/
Information Systems Audit And Control Association - London UK
Organisation for IT audit, control, security, assurance and governance
professionals (affiliated to the US based ISACA http://www.isaca.org/,
with affiliates in over 170 countries). ISACA offers the acclaimed Certified
Information Systems Auditor (CISA) and Certified Information Security
Manager (CISM) certifications. See also northern chapter.
http://www.isaca-london.org/
Information Systems Security Association - United Kingdom
Association for information security professionals and practitioners (affiliated
to the US based ISSA http://www.issa.org/).
http://www.issa-uk.org/
The Institute of Internal Auditors - UK and Ireland
For internal audit professionals (affiliated to the US-based Institute
of Internal Auditors).
http://www.iia.org.uk/
IT Infrastructure Library (ITIL)
Best practice, qualifications, accreditation, assessment and implementation
of IT service management.
http://www.itil.co.uk/
Security projects
Some international security projects for information security.
CCTA Risk Assessment and Management Methodology (CRAMM)
Risk analysis method developed by the UK Central Communication and Telecommunication
Agency (CCTA), now part of Office of Government Commerce (OGC). The toolkit
has been extended and developed by Insight Consulting, part of Siemens.
http://www.cramm.com/
Computer Network Defence Internet Operational Picture
Real time information on new and emerging cyber threats.
http://securitywizardry.com/radar.htm
Economics and Security Resource Page
Links to internet resources about the economics of security.
http://www.cl.cam.ac.uk/~rja14/econsec.html
Open Web Application Security Project (OWASP)
Developing, demonstrating and sharing best practice for secure web development.
http://www.owasp.org/
QASec.com
Security through the software development lifecycle and quality assurance
through software security testing.
http://www.qasec.com/
Secure Programming Skills Assessment (SPSA)
An initiative to improve secure coding skills in developers through assessment
testing to certify programmers' knowledge of secure-coding practices.
http://www.sans-ssi.org/
