Readiness

Description

The following provides resources for cybersecurity best practices, system configuration benchmarks, implementation guides, sample policies and procedures, and cybersecurity training modules.

CIS Benchmarks

CIS Benchmark are industry best practices for the secure configuration of target system. It is currently available for over 140 technologies which includes OS, server software, cloud providers, mobile devices, network devices, software and more.

Cost: Free / email must be provided
Site: https://www.cisecurity.org/cis-benchmarks/
Webinar for CIS Benchmark
Cost: Free and done every two weeks.

CIS Hardened Images

CIS provides hardened images on cloud providers such as Azure, AWS and Google.
Site: https://www.cisecurity.org/cis-hardened-image-list/
Cost: $0.02 – $0.10/Hour or monthly rates
Hardened images via GPO are also provided to members

Cyber Security Hub – Whitepapers

Provides guides and resources to stand up policies, processes and procedures. Also has related news articles, podcasts, videos, reports and training events/calendar on cybersecurity
Cost: Free / email must be provided for site content
Site: https://www.cshub.com/whitepapers
Cost: Free with Email

Secure Technical Implementation Guide

Site: https://public.cyber.mil/stigs/
Document Library: https://public.cyber.mil/stigs/downloads/

SysAdmin, Audit, Network and Security (SANS) Institute
Site: https://www.sans.org
Sample Policies: https://www.sans.org/information-security-policy/

Training

Controlled Unclassified Information Security Requirements Workshop provided by NIST

https://www.nist.gov/news-events/events/2018/10/controlled-unclassified-information-security-requirements-workshop

Kevin Mitnick – KnowBe4 : Security and Awareness Training

https://www.knowbe4.com/free-it-security-tools-ga?gclid=EAIaIQobChMIpMOu7c_V5AIV0xitBh1DfgkUEAAYASAAEgLh3_D_BwE