I’ve seen myself using a lot of the CIS Controls as a main framework to improve cybersecurity in a couple of companies in the last years. However, I’m much more versed into ISO 27001 and ISMS auditing than CIS itself. I’m now looking for updated resources to learn more about the CIS Controls. The ideal case would be able to complete the SANS SEC566 (SEC566: Implementing and Auditing CIS Critical Controls) but it is far away from my budget.
So, while I don’t believe there is another specific course or training aimed at CIS v8 like this, my question is: What courses, trainings or books do you recommend for someone trying to get a deeper grasp at CIS Controls, not only to guide its implementation but to help others do so as consultant.
Or TL;DR: Is there anything cheaper than the SANS SEC566 course specific to CIS Controls?