The graphic below is a blue-print for a application design I am personally working on actually as a hobby / business idea, guidance and software product
The Percussion Framework – made by a drummer, for kiwis
– I have taken guidelines for the US based National Institute of Standards and Technology. During the 2 years or so I imagine the process will take, customers of my infosec services will have full access to the programme. The idea is that the app will hold the users hand and guide them – encourage them – to get a little further in the game; which is intended to be somewhat gamified as it will be able to output cyber-readiness scores, and also be a conduit for the application to quotes for cyber-liability insurance
for a user friendly web-app / mobile-app, that business owners and their staff will access periodically during disaster preparedness drills and exercises.
NIST CSF 2.0 (SP 1299),
SentinelOne