Resources

Industry/Legal Guidelines

• California Breach Notification Law
• Center for Internet Security (CIS) Critical Controls
• CIS Compliance Benchmark
• CIS Benchmarks
• NIST 800-53 — Security Controls
• NIST 800-171 — Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
• NIST Cybersecurity Framework
• GDPR General Data Protection Regulation Toolkit (download)

Reports

• California Data Breach Report (2016) (download)
• Verizon Data Breach Investigations Report (2022)

Best Practices

• Best Practices for Notifying Affected Individuals of a Large-Scale Data Breach (download)
• Remediating Pass the Hash attacks
• Sysmon Deployment
  
  • Windows batch file to deploy Sysmon using a startup script via GPO
  • Seed the Sysmon deployment using this example Sysmon XML configuration file