Free Resources

As part of my ongoing commitment to advancing cybersecurity knowledge and supporting professionals in the field, I provide a curated selection of free resources aimed at bridging theory with practical application. These resources include an exclusive excerpt from the Risk Management domain of my book "From 0day to CISM", designed to support candidates preparing for the CISM certification. Additionally, I offer a certification-aligned ECIH practice quiz, enabling users to self-assess their incident response capabilities under time constraints, and a collection of professional risk management templates to facilitate structured and effective risk assessments. These materials are intended to serve as valuable tools for both aspiring security managers and experienced practitioners seeking to refine their approach to governance and operational resilience.

From 0day to CISM Book

This is a comprehensive study guide tailored for professionals preparing for the CISM (Certified Information Security Manager) certification by ISACA. Designed to bridge the gap between practical cybersecurity experience and managerial-level information security knowledge, this book offers a structured and focused approach to mastering the core competencies required for success.

Covering all four domains of the CISM certification — Information Security Governance, Risk Management, Security Program Development and Management, and Incident Management — the book provides in-depth explanations, real-world insights, and practical frameworks that align with ISACA’s exam objectives. In addition to domain-specific content, it includes strategically placed exam tips and questions to help candidates navigate the test with greater confidence and effectiveness. Click here to see a preview.

ECIH Certification Practice Exam

This is a free self-assessment tool designed to help cybersecurity professionals evaluate their knowledge and readiness in the field of Incident Response, in alignment with the EC-Council Certified Incident Handler (ECIH) certification. This timed simulation presents 30 multiple-choice questions to be completed within a 15-minute window, offering a realistic preview of the types of scenarios and decision-making challenges candidates may face during the actual certification process. By providing immediate feedback upon completion, the tool enables users to identify areas of strength and pinpoint topics that may require further review, making it an effective resource for both initial assessment and final preparation. Click here to take the quiz.

NIS2 Survival Guide

The NIS2 Survival Guide for CISOs and Board Administrators is a free resource designed to support current managers and aspiring leaders in cybersecurity. This guide reflects a practical and structured approach to the correct transposition of the NIS2 Directive into Italian law (Legislative Decree 138/2024).

This guide also provides an actionable roadmap to:

  • Build a defensible compliance structure.
  • Strengthen operational resilience.
  • Foster executive accountability.

Click here to download the NIS2 Survival Guide for CISOs and Board Administrators.

NIST Assessment Report Example

This sample NIST Cybersecurity Framework (CSF) Assessment Report demonstrates how organizations—particularly in regulated industries such as finance—can evaluate and improve their cybersecurity posture using a structured, standards-based methodology. Click here to see the use case.