• National Institute of Standards and Technology (NIST)
  • Barker, E., & Roginsky, A. (2019, March ). Transitioning the Use of Cryptographic Algorithms and Key Lengths. NIST Special Publication 800-131A Revision 2. Retrieved from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf
  • National Institute of Standards and Technology (NIST). (2020). Introduction to Public Key Cryptography. Retrieved on November 24, 2023 from https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines
  • National Institute of Standards and Technology (NIST). (2023). Cybersecurity Framework (CSF) Version 1.1. Retrieved on December 6, 2023 from https://www.nist.gov/cyberframework
  • National Institute of Standards and Technology (NIST). (n.d.). Glossary – data structure. Retrieved on December 11, 2023 from https://csrc.nist.gov/glossary
  • National Institute of Standards and Technology (NIST). (2012). Guide for conducting risk assessments (Special Publication 800-30 Rev 1). https://csrc.nist.gov/pubs/sp/800/30/r1/final
  • National Institute of Standards and Technology (NIST). (2020). Risk Management Framework (RMF) for Information Systems and Organizations: A System Life Cycle Approach (Special Publication 800-37 Rev 2) https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
  • National Institute of Standards and Technology (NIST). (2020). Security and Privacy Controls for Information Systems and Organizations (Special Publication 800-53 Rev. 5). https://doi.org/10.6028/NIST.SP.800-53r5
• Cybersecurity Infrastructure & Security Agency (CISA)
• US-CERT
• US Department of Defense (DOD)
  • United States Department of Defense. (2022). DoD Approved 8570 Baseline Certifications. Extension of Appendix 3 to the DoD 8570.01 Manual. Retrieved on December 1, 2022 from https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/
• Department Of Justice (DOJ)
• US Dept. of Health & Human Services (HHS)
  • HHS. (2022, March 31). The HIPPA Privacy Rule. Retrieved from https://www.hhs.gov/hipaa/for-professionals/privacy/index.html
• US Government Accountability Office
  • United States Government Accountability Office, (2018) Weapon Systems Cybersecurity (GAO-19-128) https://www.gao.gov/assets/gao-19-128.pdf
• NJ State (Contract Law)
  • New Jersey State. (2022). Local Public And Public School Contracts Law – Extraordinary Unspecifiable Services. Department of Community Affairs.  Retrieved on November 24, 2022 from  https://www.nj.gov/dca/divisions/dlgs/resources/rules_docs/5_34/njac_5342.pdf

Other

• Code of Federal Regulations. (2022). 160.408 Factors considered in determining the amount of a civil money penalty. Retrieved on November 18, 2022 from https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-160/subpart-D/section-160.408
• National Cyber Security Centre. (December 10, 2015). Understanding Vulnerabilities. What are vulnerabilities, and how are they exploited? Retrieved on February 27, 2023 from https://www.ncsc.gov.uk/information/understanding-vulnerabilities