The 2026 Cybersecurity Toolkit Refresh brings a major set of free, practical updates to two widely adopted resources in the community: the SANS Policy Templates and the Cybersecurity Risk Foundation (CRF) frameworks. This session focuses on what’s new in the spring 2026 releases—updated SANS policies, refreshed CRF safeguards, expanded threat and governance models, and new supporting tools designed to help teams mature faster without adding complexity. Whether you're already using these resources or discovering them for the first time, the emphasis is simple: everything discussed in this talk is freely available, ready to download, and put into practice as soon as you get home from this event.
Building on the theme of “cybersecurity without the chaos,” we’ll walk through how these updated resources align to the CRF GRC Roadmap, providing a clear, step-by-step structure for implementing policies, selecting safeguards, validating controls, and communicating progress across the organization. Attendees will leave with immediate next steps, actionable examples for each phase of the roadmap, and direct links to all updated templates and frameworks. The goal is to help you cut through noise, adopt what works, and bring more order, clarity, and consistency to your cybersecurity program—using resources that are ready for you to put into practice today."
