MICHAEL PATMON
  • Home
  • About
  • Cyber References
  • Cyber Security Fundamentals
  • Cryptography
  • Security Architecture
  • Risk Management
  • Management & Cyber Security
  • Secure Software Design
  • Network Visualization & Vulnerability Detection
  • Cyber Threat Intelligence
  • Incident Response & Computer Network Forensics
  • Operational Policy

Cyber References

Standards and Publications
  • HIPAA for Professionals
  • IETF RFCs | Internet Engineering Task Force
  • SANS Information Security Training

News and Resources
  • CSO Online
  • Information Security Stack Exchange
  • Krebs on Security
  • Mosaic Security
  • Schneier on Security
  • The Hacker News
  • Wired Magazine - Security

Books
  • Bosworth, S., Kabay, M.E., Whyne, E.  (2014).  Computer Security Handbook
  • Drucker, P.  (1974).  Management: Tasks, Responsibilities, Practices
  • Ferguson, N., Schneier, B., and Kohno, T. (2010). Cryptography Engineering: Design Principles and Practical Applications.
  • Sherwood, J., Clark, A., Lynas, D.  (2005).  Security Architecture Model.  In, Enterprise Security   Architecture: A Business-Driven Approach. 
  • Touhill, G. Touhill, J.  (2014).  Cybersecurity for Executives - A Practical Guide. 
Government Resources
  • FBI Infraguard
  • NIST Computer Security Resource Center
  • US CERT | Computer Emergency Readiness Team

Tools
  • Kismet Wireless Sniffer
  • MetaSploit | Penetration Testing Software
  • Nessus Vulnerability Scanner
  • WireShark Packet Analyzer

Course References

CSOL 500 - Cyber Security Fundamentals
  • Bosworth, S., Kabay, M.E., Whyne, E.  (2014).  Computer Security Handbook (6th ed.).  Hoboken, NJ: Wiley & Sons
  • Kali Linux
  • Metasploit & Metasploitable VM
  • SANS Vulnerability Assessment Template

CSOL 510 - Cryptography
  • Federal Information Processing Standards Publication 197 (FIPS-197)
  • Ferguson, N., Schneier, B., and Kohno, T. (2010). Cryptography Engineering: Design Principles and Practical Applications. Wiley Publishing, Indianapolis, Indiana.
  • IEEE Top 10 Security Design Flaws
  • Information Security Stack Exchange
  • Windows Dev Center - Cryptographic Primitives

CSOL 520 - Security Architecture
  • NIST Special Publication 800-53 - Security and Privacy Controls for Information Systems and Organizations
  • NIST Special Publication 800-57 Part 1 Revision 4.  Recommendation for Key Management.
  • Sherwood Applied Business Security Architecture (SABSA)

CSOL 530 - Risk Management
  • FIPS 199 - Standards for Security Categorization for Federal Information and Information Systems
  • HIPAA for Professionals
  • NIST 800-30 - Guide for Conducting Risk Assessments
  • NIST Special Publication 800-37 - Risk Management Framework
  • NIST Special Publication 800-53 - Security and Privacy Controls for Information Systems and Organizations

CSOL 540 - Operational Policy
  • Alhaqbani, B., & Fidge, C. (2007) Access Control Requirements for Processing Electronic Health Records.  Retrieved from https://link.springer.com/chapter/10.1007/978-3-540-78238-4_38
  • Bloomfield, R. (2015, June). Mobile Device Security in Healthcare. Retrieved from https://nchica.org/wp-content/uploads/2015/06/Bloomfield.pdf
  • McGraw, D., Leiter, A., Rasmussen, C. (2013, October). Rights and Requirements: A Guide to Privacy and Security of Health Information in California. Retrieved from https://www.chcf.org/wp-content/uploads/2017/12/PDF-PrivacySecurityGuide.pdf
  • Palmer, M., Robinson, C., Patilla, J., & Moser, E.  (2000).  META Security Group Information Security Policy Framework.  Retrieved from http://horseproject.wiki/images/1/18/Information-Security-Policy-Framework-Research-Report.pdf
  • PCI Security Standards Council. (2016, May). PCI DSS Quick Reference Guide.  Retrieved from https://www.pcisecuritystandards.org/documents/PCIDSS_QRGv3_2.pdf?agreement=true&time=1521947756182
  • State of California Department of Justice. (2018). Privacy Laws. Retrieved from https://oag.ca.gov/privacy/privacy-laws

CSOL 550 - Cyber Management
  • Bosworth, S., Kabay, M.E., Whyne, E.  (2014).  Computer Security Handbook. 
  • Business Continuity Institute (2016).  Workplace Recover Report 2016. 
  • Glenny, M.  (2013).  TED-Ed - Hire the Hackers
  • NIST Special Publication 800-18 - Guide for Developing Security Plans for Federal Information Systems
  • NIST Special Publication 800-34 - Contingency Planning Guide for Federal Information Systems
  • National Institute of Standards and Technology (2004).  Federal Information Processing Standards Publication 199
  • SANS Institute - Incident Tracking in the Enterprise

CSOL 560 - Secure Software Design & Development
  • Android Architecture Blueprints
  • DarkReading - The Pros and Cons of Application Sandboxing
  • LibreSSL - LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving security, and applying best practice development processes.
  • NIST Special Publication 800-160 - Systems Security Engineering
  • OpenSSL - OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
  • OpenSSL Vulnerabilities
  • Osborne, D., Challener, D. (2015)  Trusted Platform Module Evolution

CSOL 570 - Network Visualization & Vulnerability Detection
  • Kali Linux
  • Kismet Wireless
  • MetaSploit
  • Network Mapper (NMAP)
  • Oracle VirualBox

CSOL 580 - Cyber Threat Intelligence
  • Elkind, P.  (2016, June 25).  Sony Hack.  Retrieved form http://fortune.com/sony-hack-part-1/
  • FireEye: Cyber Security & Malware Protection
  • Gourley, B. (2016). The Cyber Threat. ISBN-10: 1501065149. ISBN-13: 978-1501065149.
  • Graves, M., Jensen III, C., & McElreath, D. (2013).Introduction to Intelligence Studies. ISBN-10:1466500034. ISBN-13: 978-1466500037
  • Kolochenko, I. (). How to Calculate ROI and Justify Your Cybersecurity Budget. Retrieved from https://www.csoonline.com/article/3010007/advanced-persistent-threats/how-to-calculate-roi-and-justify-your-cybersecurity-budget.htmlwww.csoonline.com/article/3010007/advanced-persistent-threats/how-to-calculate-roi-and-justify-your-cybersecurity-budget.html
  • Polancich, J. (2015, February 27). Cyber Intelligence: Defining What You Know.  Retrieved from https://www.darkreading.com/operations/cyber-intelligence-defining-what-you-know/a/d-id/1319257

CSOL 590 - Incident Response & Computer Network Forensics
  • Berinato, S.  (2007, June 8).  The Rise of Anti-Forensics.  CSO.  Retrieved from http://www.csoonline.com/article/2122329/investigations-forensics/the-rise-of-anti-forensics.html?page=2
  • FTK Imager - Data Preview & Imaging Tool
  • NIST Special Publication 800-101 - Guidelines on Cell Phone Forensics
  • Piccinelli, M. (2011). Exploring the iPhone Backup Made by iTunes
  • Stone, A.  (2015, September 17).  Chain of Custody: How to Ensure Digital Evidence Stands Up In Court.  Retrieved from https://www.govtechworks.com/chain-of-custody-how-to-ensure-digital-evidence-stands-up-in-court/#gs.rPaQxhk
  • U.S. Department of Justice - Digital Evidence in the Courtroom: A Guide for Law Enforcement and Prosecutors
Powered by Create your own unique website with customizable templates.
  • Home
  • About
  • Cyber References
  • Cyber Security Fundamentals
  • Cryptography
  • Security Architecture
  • Risk Management
  • Management & Cyber Security
  • Secure Software Design
  • Network Visualization & Vulnerability Detection
  • Cyber Threat Intelligence
  • Incident Response & Computer Network Forensics
  • Operational Policy