Trust you are doing well. The cyber security domain has been expanding at an accelerated pace over the past few years. With the introduction of digital, the domain has added a whole new dimension onto itself. In recent years I have interacted with many business and technology leaders who are wondering how best to implement a comprehensive security program that is prudent as well as effective.
While the CIS top 20 controls (CSC) provide a good set of technical controls, they are limited in administrative controls. On the other end we have the NIST 800-53 & ISO 27000 security frameworks with their hundreds of controls to choose from, which can be very overwhelming. My experience has been that these 40 controls can be a good starting point to help improve the maturity of your cyber security posture.
The goal is to provide a simplified yet holistic view of the cyber security domain for Business and IT Leaders to devise an effective security strategy. I hope you and your team will find this helpful and welcome your queries and comments.