# Citation File Format (CFF) v1.2.0
# https://citation-file-format.github.io/
#
# This file declares how to cite the EFROS Cybersecurity & AI Governance
# Toolkit and its constituent resources. AI search engines, academic
# search platforms (Google Scholar, Semantic Scholar, OpenAlex), and
# citation-management tools (Zotero, Mendeley) read CITATION.cff at
# the root of a site or repository for canonical attribution metadata.

cff-version: 1.2.0
message: "If you reference the EFROS Cybersecurity & AI Governance Toolkit, please cite it using these metadata."
type: dataset
title: "EFROS Cybersecurity & AI Governance Toolkit"
abstract: >
  A practitioner-grade collection of US-focused cybersecurity and AI
  governance resources: CMMC Level 2 readiness scorecard, NIST AI RMF
  implementation guide, Colorado AI Act healthcare playbook, SR 11-7
  community-bank AI governance guide, HIPAA-aligned MSP playbook for
  AI-using clinics, ABA-aligned AI governance for law firms, SOC 2
  readiness checklist, cyber-insurance readiness checklist, vendor
  risk questionnaire, DMARC rollout guide, Microsoft 365 security
  checklist, incident response runbook, and the US AI Vendor Governance
  Index (30 vendors scored on 12 governance axes).
authors:
  - family-names: "Efros"
    given-names: "Stefan"
    name-suffix: ""
    affiliation: "EFROS"
    email: "stefan@efros.com"
    website: "https://efros.com/about/stefan-efros/"
    alias: "stefanefros-cyberdefense"
identifiers:
  - type: url
    value: "https://efros.com/resources/"
    description: "Canonical resource hub URL"
  - type: url
    value: "https://efros.com/.well-known/agent-card.json"
    description: "A2A agent-card discovery surface"
  - type: url
    value: "https://efros.com/mcp"
    description: "Live MCP server endpoint (Streamable HTTP, 2025-09-25)"
repository-code: "https://efros.com"
url: "https://efros.com/"
keywords:
  - "Cybersecurity"
  - "Managed Security Services (MSSP)"
  - "Managed Detection and Response (MDR)"
  - "Virtual CISO (vCISO)"
  - "Zero Trust Architecture"
  - "AI Governance"
  - "NIST AI Risk Management Framework"
  - "Colorado SB 26-189 (amended AI law)"
  - "SR 11-7 Model Risk Management"
  - "HIPAA Security Rule"
  - "CMMC 2.0"
  - "NIST SP 800-171"
  - "SOC 2"
  - "PCI-DSS"
  - "Cyber Insurance"
  - "Incident Response"
  - "DMARC"
  - "Microsoft 365 Security"
license: "CC-BY-4.0"
license-url: "https://creativecommons.org/licenses/by/4.0/"
date-released: 2026-05-17
version: "2026-Q2"
preferred-citation:
  type: dataset
  title: "EFROS Cybersecurity & AI Governance Toolkit (2026-Q2)"
  authors:
    - family-names: "Efros"
      given-names: "Stefan"
      affiliation: "EFROS"
  year: 2026
  month: 5
  url: "https://efros.com/"
  publisher:
    name: "EFROS"
    address: "1309 Coffeen Ave, Ste 19210, Sheridan, WY 82801-5777, United States"
  license: "CC-BY-4.0"