Official Guidelines & Standards¶

Authoritative guidance documents from government agencies, standards bodies, and professional organizations.

Swedish Resources¶

CERT-SE¶

Website: cert.se
Incident Reporting: Information about reporting incidents
Threat Reports: Regular threat landscape updates
Guidance: Technical advisories and recommendations

MSB (Civil Contingencies Agency)¶

Website: msb.se
Information Security: informationssakerhet.se
NIS2 Guidance: Upcoming requirements for essential entities

IMY (Data Protection Authority)¶

Website: imy.se
Breach Notification: Personal data breach reporting
GDPR Guidance: Data protection requirements

European Union¶

ENISA (EU Agency for Cybersecurity)¶

Website: enisa.europa.eu

Key Publications: | Document | Topic | |----------|-------| | ENISA Threat Landscape | Annual threat report | | SME Cybersecurity Guide | SME-focused guidance | | Incident Response Guide | IR procedures | | Cloud Security | Cloud security guidance |

EDPB (European Data Protection Board)¶

Website: edpb.europa.eu

Key Guidelines: | Document | Topic | |----------|-------| | Guidelines on Data Breach Notification | GDPR Article 33/34 | | Guidelines on Consent | Consent requirements |

NIS2 Directive¶

Official Text: EUR-Lex NIS2
ENISA NIS2 Resources: enisa.europa.eu/topics/nis-directive

United States¶

NIST (National Institute of Standards and Technology)¶

Website: nist.gov/cybersecurity

Essential Publications:

Publication	Title	Topic
NIST CSF 2.0	Cybersecurity Framework	Risk management framework
SP 800-61 Rev 2	Computer Security Incident Handling Guide	Incident response
SP 800-86	Guide to Integrating Forensic Techniques	Digital forensics
SP 800-83	Guide to Malware Incident Prevention and Handling	Malware response
IR 8374	Ransomware Risk Management	Ransomware guidance

CISA (Cybersecurity & Infrastructure Security Agency)¶

Website: cisa.gov

Key Resources:

Resource	URL	Topic
Stop Ransomware	cisa.gov/stopransomware	Ransomware guidance
Incident Response Playbook	CISA Playbooks	IR procedures
Known Exploited Vulnerabilities	KEV Catalog	Patch priorities
Secure by Design	cisa.gov/secure-by-design	Development guidance

United Kingdom¶

NCSC (National Cyber Security Centre)¶

Website: ncsc.gov.uk

Key Guidance:

Guide	Topic
Cyber Essentials	Basic security controls
10 Steps to Cyber Security	Organizational guidance
Mitigating Malware and Ransomware	Malware defense
Incident Management	IR guidance
Small Business Guide	SME-focused

Forensic Standards¶

SWGDE (Scientific Working Group on Digital Evidence)¶

Website: swgde.org

Key Documents:

Document	Topic
Best Practices for Digital Evidence Collection	Evidence handling
Best Practices for Mobile Device Evidence	Mobile forensics
Remote Collection Best Practices	Remote forensics

NIJ (National Institute of Justice)¶

Website: nij.ojp.gov

Document	Topic
Electronic Crime Scene Investigation Guide	First responder guide
Forensic Examination of Digital Evidence	Examination procedures

Industry Standards¶

ISO/IEC Standards¶

Standard	Title
ISO/IEC 27001	Information Security Management
ISO/IEC 27002	Security Controls
ISO/IEC 27035	Incident Management
ISO/IEC 27037	Digital Evidence Collection
ISO/IEC 27043	Incident Investigation

OWASP (Open Web Application Security Project)¶

Website: owasp.org

Resource	Topic
OWASP Top 10	Web application risks
ASVS	Application security verification
Testing Guide	Security testing

SANS Institute¶

Website: sans.org

Resource	Topic
Reading Room	Technical papers
Posters	Quick reference guides
Critical Security Controls	CIS Controls guidance

Incident-Specific Guidance¶

Ransomware¶

Source	Document
CISA	Stop Ransomware
NIST	IR 8374 - Ransomware Risk Management
NCSC	Ransomware Guidance
No More Ransom	nomoreransom.org

Data Breach¶

Source	Document
EDPB	Breach Notification Guidelines
IMY	Swedish Breach Notification
ICO	UK Breach Reporting

Phishing¶

Source	Document
CISA	Phishing Guidance
APWG	Anti-Phishing Working Group
NCSC	Phishing Attacks

Quick Reference Posters¶

Free downloadable posters for quick reference:

Poster	Source	Topic
DFIR Fundamentals	SANS	Digital forensics basics
Incident Handler's Handbook	SANS	IR quick reference
Windows Forensics	SANS	Windows artifacts
Memory Forensics	SANS	Memory analysis

Official guidance should be adapted to your specific context and legal requirements.

Last updated: 2026-01