Infomation Security Resources
Federal Laws and Regulations
Industry News
Industry Standards
Higher Education Information Security Council
Professional Organizations
Regulatory Entities
State Laws and Regulations
UT Policies and Guidelines
Federal Laws and Regulations
The following are federal laws and regulations that relate to information resources security and privacy.
- Health Insurance Portability and Accountability Act
- HIPAA Security Rule
- Federal Privacy Act of 1974
- Family Educational Rights and Privacy Act, 20 USC § 1232g
- Computer Fraud and Abuse Act of 1986
- Patriot Act
- Computer Security Act of 1987
- Homeland Security Act
- The Children's Internet Protection Act of 2000
- The Children’s Online Privacy Protection Act
Industry News
The following Web sites offer news and articles related to information security.
- NIST Computer Security Resource Center
- Computerworld Security News
- CSO (Chief Security Officer) Online Magazine
- TechTarget
- Network World
- SANS Internet Storm Center
- SC Magazine
- Security Magazine
- The Chronicle of Higher Education
Industry Standards
The following organizations offer requirements for establishing and maintaining an information security program. These standards are periodically reviewed, revised, and updated. It is critical that the most current version of a published standard be used or referenced.
- National Institute of Standards and Technology (NIST)
- International Standard for Organization (ISO 27001-2005)
Higher Education Information Security Council (HEISC)
The HEISC mission is to support and enhance higher education institutions as they improve information security governance, compliance, data protection, and privacy programs.
Professional Organizations
The following organizations offer certifications, conferences, and other resources for information security professionals.
- American Council on Education (ACE) Higher Education Topics
- Association for Computing Machinery
- Center for Education and Research in Information Assurance and Security
- Center for Internet Security (CIS)
- CERT Coordination Center
- CIO.gov
- Colloquium for Information Systems Security Education
- Computing Technology Industry Association (CompTIA)
- EDUCAUSE
- InCommon
- Indiana University Center for Applied Cybersecurity Research
- Information Systems Audit and Control Association (ISACA)
- Information Systems Security Association (ISSA)
- InfraGard
- Institute for Information Infrastructure Protection (I3P)
- Markle Foundation Task Force on National Security in the Information Age
- National Council of ISACs
- National Cyber Security Alliance
- National Information Assurance Training and Education Center
- National Institute of Standards and Technology (NIST) Computer Security Resource Center
- National Security Agency
- SANS Institute
- US Department of Justice Computer Crime and Intellectual Property Section
- Virginia Alliance for Secure Computing and Networking
Regulatory Entities
The following entities regulate laws related to information resources security and privacy.
- US Department of Justice
- US Department of Health and Human Services (HIPAA)
- Federal Communications Commission
State Laws and Regulations
The following are state laws and regulations that relate to information resources security and privacy.
- Texas Administrative Code 202: Information Security Standards
- Texas Business and Commerce Code 521: Identity Theft Enforcement and Protection Act
- Texas Government Code 559: State Government Privacy Policies
UT Policies and Guidelines
In addition to institution policies and standards, UT System institutions must also adhere to the following UT System policies and guidelines:
