Sunday, December 30, 2012

Great Information Security Resources from the DSD

I’ve referenced the Australian Defence Signals Directorate’s Cloud Computing Security Considerations document in the past, but they have a lot of other resources available.  Many of the references are wonderfully light on government-speak and bloat, and are downright informative and readable (amazing, I know).

Their Strategies to Mitigate Targeted Cyber Intrusions lists the top 35 mitigations for intrusions, and is a solid list- including not only efficacy ratings, but user resistance, and upfront and ongoing costs.  They call out application whitelisting as the number one mitigation, and consider it mandatory.

Their website has a lot of good info, I find the Information security advice and Information security references sections to be the most informative.

Yes, they spell “defence” funny, but then they probably think Americans spell defense funny, too.