The original post: /r/cybersecurity by /u/Round-Campaign-1692 on 2025-01-03 03:05:14.
Hey everyone,
Is there a book or resource that takes a very high level, general approach to all compliance frameworks in cybersecurity instead of focusing on a specific compliance framework? For example, instead of walking through a specific compliance framework that requires showing controls for use of 3rd party LLMs, the book/resource I have in mind would list that as an example of vendor risk management and would mention that such a scenario should be dealt with in the same way any vendor risk management scenario should be dealt with.
In other words, is there a book/resource that deals with the fundamental concepts and questions that occur and reoccur in all compliance frameworks? Instead of “x, y, and z are requirements from A specific compliance framework”; “x, y, and z are examples of A type of concept in compliance and can be found in several compliance frameworks…” etc etc
Or is this just silly :)
Thanks!