The links below are to resources provided by the US Federal Government that are related to online privacy and security and comprise regulations, rules, commentary, engineering resources, and databases & statistics on security incidents.
Where to start:
- If you're looking for information on Meltdown or Spectre, then this site hosted by Graz University of Technology is a great place to start.
- Search and Discover U.S. Government Information with govinfo
- Federal Digital System: Search Government Publications with FDSYS
- Federal Chief Information Officer (CIO) cio.gov
- Department of Homeland Security Office of Cybersecurity and Communications
"responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure"
- National Security Administration (NSA): nsa.gov
Science and Engineering
- National Science Foundation (NSF): nsf.gov
- National Institute of Standards and Technology (NIST): nist.gov
- Sandia National Labs: sandia.gov
- An acronym to know: CFR (Code of Federal Regulations)
general search engine for rules, proposed rules, and notices. Users can post comments and participate in petitions. Prepare to be overwhelmed!
- Electronic Code of Federal Regulations with e-CFR
The electronic code is a current but unofficial editorial compilation of CFR material and Federal Register amendments, so you may want to further review the disclaimers at the site.
- Code of Federal Regulations (Annual Edition) with e-CFR
Federal Telecom and Datacom
- National Telecommunications and Information Administration NTIA
- NTIA's United States Frequency Allocation Chart as of January 2016
- Federal Communications Commission FCC
- FCC's Enforcement Bureau
"responsible for enforcement of provisions of the Communications Act, the Commission's rules, Commission orders and terms and conditions of station authorizations"
Online Security and Security Incidents
- Acronyms to know: CVE (Common Vulnerabilities and Exposures) and CNA (CVE Numbering Authority)
- NSF Cybersecurity Special Report
- United States Computer Emergency Readiness Team: US-CERT
Reporting of security incidents, threats and reports
- NIST's National Vulnerability Database NVD
Database including feeds, visualizations, downloadable JSON objects of CVEs
- NIST Cybersecurity Framework
"The Framework is voluntary guidance, based on existing standards, guidelines, and practices, for critical infrastructure organizations to better manage and reduce cybersecurity risk."
- MITRE's CVE
Database and Information
"MITRE is a private, not-for-profit corporation that operates FFRDCs—federally funded research and development centers"