You are working with authorities to help uncover how threat actors were able to retrieve critical information about the organization and as a result divulge insider information.

Review the Gather Intel information and be prepared to submit preliminary findings.

Hint:

NIST Cybersecurity Framework (NIST CSF)

• ISO/IEC 27001

• CIS Critical Security Controls

• COBIT (Control Objectives for Information and Related Technologies)

• NIST 800-53 (Security and Privacy Controls for Information Systems)

• Fair Information Practice Principles (FIPPs)

• OWASP Risk Assessment Framework

• MITRE ATT&CK Framework

• GDPR Compliance Framework

• Risk Management Framework (RMF)