FRAMEWORKS & BEST PRACTICES
COBIT – ISACA’s recommend control framework
CIS Controls – Top recommend security controls
NIST Computer Security Resource Center – Security special publications
OWASP – The Open Web Application Security Project
SANS – White Papers

REGULATORY REQUIREMENTS
CMMC (Cybersecurity Maturity Model Certification)
GDPR (General Data Protection Regulation)
HIPAA (Health Insurance Portability and Accountability Act)
PCI DSS (Payment Card Industry Data Security Standards)