Operational security frameworks, incident response playbooks, and strategic toolkits — precision-engineered for SMEs who need to go from zero to protected. Every document is professionally designed to address the real threats facing small and medium businesses, structured for immediate deployment, and written to be understood by any team without a security background. No configuration. No specialist. No guesswork. Pick up a single document or build your complete security program — everything you need is ready the moment you download it.
Professionally designed to cover the threats SMEs actually face. Ready to deploy on day one — no configuration, no specialist required.
L-BUN01
Complete Foundation
SME Security Foundation Kit
Most SMEs have nothing. No playbook for the 3am ransomware call. No procedure when a laptop goes missing. No policy that tells employees what they can and cannot do with ChatGPT. The SME Security Foundation Kit changes that in one download. Ten documents, more than 360 pages, covering every threat your business will realistically face — from AI-powered phishing targeting your CFO to the departing employee whose OAuth tokens are still active three months later. Written so your team can act without a security specialist in the room. Designed to work when your systems are down, printed and on the shelf.
L-PB01
Incident Response Core Playbook
Your incident response spine. A company that survives with imperfect evidence beats one that dies with a perfect forensic report — this playbook is built on that principle.
NIST 800-61 lifecycle — 5 phases, every role defined
Escalation matrix: IT Lead → Ops Director → CEO
Insurance notification & claim documentation
L-PB02
Phishing IR Playbook
Business Email Compromise can drain six figures in hours. Your window to contain it is minutes. Covers every variant — including AI-enhanced attacks indistinguishable from real messages.
Encrypted device + no local sensitive data = hardware replacement cost only. Without this playbook, a missing MacBook becomes a reportable breach. The GDPR clock starts the moment you became aware.
GDPR 72-hr notification decision tree (Annex B) with regulatory contacts
Data classification guide: PUBLIC → RESTRICTED breach scope assessment
An attacker with valid credentials looks like a legitimate user. You can't tell them apart — until the damage is done. Disable the account first. Investigate second.
When you're under attack, your email is down and your systems are unreachable. Your only tools are your phone and whatever you printed before it happened. This is that document.
8 attack types: SYN flood, UDP flood, HTTP flood, Slowloris, amplification & more
No policy means no accountability — and no legal standing when something goes wrong. Every ChatGPT prompt with customer data. Every USB on a company machine. Every password shared over Slack. Covered.
16 sections covering devices, internet, email, remote work, BYOD, passwords, social media, cloud services, monitoring, and enforcement
BEC awareness, password manager guidance, and 4-tier data classification with clear handling rules
Signed acknowledgment form — legally enforceable from day one
L-TRN09
Cybersecurity Induction Guide
Your team is your first line of defence — and right now they probably don't know it. Zero to security-aware in 45 minutes. Phishing, BEC, MFA, AI tools, device hardening, incident reporting.
6-question quiz to verify the training actually landed
Signed acknowledgment form for every new hire (Annex G)
L-SOP10
Employee Termination & Offboarding Procedure
An ex-employee with active access is a threat you created. Every departure is a security event. This SOP covers what gets missed: shared credentials, OAuth tokens, API keys, service accounts with no named owner.
Same-day revocation protocol for involuntary terminations
Quarterly access audit template to catch what the offboarding missed
L-MDR14
Infrastructure · Linux
AI MDR Linux Box
No subscription. No data in the cloud. No vendor dependency. The AI MDR Linux Box guide shows you how to build your own detection and response stack on hardened Ubuntu — Wazuh SIEM, Suricata IDS, and local AI via Ollama running entirely on your hardware. Then an encrypted chatbot on Matrix/Element that lets you query your own SIEM in plain language. More than 75 pages of step-by-step deployment, privacy-first by design. GDPR and nDSG compliant because your security telemetry never leaves the box.
Wazuh SIEM + Suricata IDS + Ollama local AI on hardened Ubuntu — the complete detection and response stack with zero cloud dependencies, zero SaaS cost, and zero data leaving your network, ever
Encrypted AI Threat Agent via Matrix/Element — query your own SIEM in plain language, receive structured threat analysis from an AI running on your hardware with no external API calls and no data exposure
Anti-hallucination architecture — structured JSON output, LLM-as-Judge validation, and few-shot guardrails so your AI alerts are accurate and actionable without a trained analyst to verify them
Hardware sizing for every scale — Micro (1–10 users), Small (10–30), Medium (50+) — specific hardware specs so you buy exactly what your environment needs, nothing more
GDPR, nDSG, HIPAA, PCI-DSS & SOC 2 compliant by design + full operational playbook — daily, weekly, and monthly routines to keep your MDR stack tuned and effective long after the build, with no Data Processing Agreement required for core functions
Active Directory & Microsoft 365 integration — deploy Wazuh agents to your Domain Controller and all workstations via GPO, enable advanced audit policies, and pull Microsoft 365 / Azure AD logs directly into your SIEM for full visibility across on-prem and cloud
Detection tuning built in — Wazuh alert level configuration, file integrity monitoring, noisy rule suppression, and Suricata rule tuning so your stack generates actionable alerts instead of noise from day one
Alert tiers & response procedures — structured severity levels with defined response actions for each tier so your team knows exactly what to do when an alert fires, without waiting for a security analyst to interpret it
Backup strategy & disaster recovery — automated backup scripts, external drive procedures, and a step-by-step restore guide so a hardware failure or corruption never means rebuilding from scratch
L-PLN11
Strategic Planning
12-Month Information Security Roadmap
You don't have a security team. You have a business to run and no clear idea what to fix first. The 12-Month IS Roadmap gives you the exact sequence — month by month — to build a posture that actually holds. MFA deployment in Month 1. Detection tuning by Month 9. Formal risk acceptance by Month 12. More than 70 pages across 15 security topic areas, with budget summary per phase so you know what you're committing before you commit. Works with any stack. At Month 12 you will know exactly what you have, what it cost, and what comes next.
4-phase delivery across 15 security topic areas — Core Foundations → Controls & Governance → Detection & Response → Maturity & Planning — from MFA and endpoint hardening in Month 1 to DevSecOps and executive reporting by Month 12
"The Cost of Doing Nothing" — a quantified risk baseline built into Phase 1 so you understand what inaction costs before you build the internal case for action
Budget summary per phase with real cost ranges by company size band — know what Months 1–3 will cost before you reach them, including a Full Year Budget Summary and 3-size scaling guidance
Technology Translation Quick Reference mapping every control to M365, Google Workspace, on-prem, and hybrid — your stack, not a generic template, aligned to NIST CSF and CIS Benchmark v8
12-Month Master Checklist + Annual Security Calendar — track your own progress without a dedicated security team, with a Year 2 Strategic Addendum and decision matrices for what comes after Month 12
L-GUI12
Leadership Framework
vCISO Implementation Guide
A full-time CISO costs $200,000 a year. This guide costs $79. The vCISO Implementation Guide is the complete operating manual for leading security without the title, the team, or the budget — more than 75 pages spanning 8 pillars, 17 ready-to-use templates, 21 operational checklists. A daily security routine that takes 15 minutes. A weekly one that takes 90. Communication frameworks that translate "we need MFA" into a business case that actually gets approved. For the IT Manager, Operations Lead, or business owner who just became responsible for security and needs to know exactly what to do next.
8 operational pillars — Security Strategy, Risk Management, Policy & Governance, Compliance & Legal, Incident Response, Security Operations, Vendor & Third-Party Risk, Security Awareness — each with frameworks, templates, and checklists ready to implement, not adapt
Operational rhythm that fits real SME capacity — Daily checklist (5–15 minutes), Weekly (1–2 hours), Monthly (2–4 hours), Quarterly (half day) — security governance that doesn't require a full-time job to maintain
17 ready-to-use templates — Vendor Security Questionnaire, Breach Notification Decision Tree, Quarterly Security Dashboard, Executive Summary format, and more — the highest template count in the LisaLab suite
Three-Option Framework + Traffic Light Pattern for board and executive communication — the exact method for presenting security decisions in a language that gets budgets approved and risks understood
Security Budget Benchmarks with Essential/Important/What to Skip — so your limited budget goes where it actually reduces risk, plus "What 'Monitoring' Actually Means Without a SOC" for SMEs who can't hire a security operations centre
L-PMT20
Security Tool · Windows
Password Vault
Most people reuse the same three passwords, write them on sticky notes, or pay monthly for a cloud service they don't fully trust. Password Vault is the alternative — a private, local password manager with no cloud account, no subscription, and no internet connection required. Your credentials are encrypted with AES-256-GCM, the same standard used by banks and governments. Stored in a single encrypted file on your computer. Nothing sent anywhere. Ever. One file. One password. Everything protected.
Store unlimited credentials — usernames, passwords, URLs, and notes organised by category, with no cap and no tiered plan to upgrade
One master password, no account — no email address, no registration, no recovery phone number. Only you can open it
Built-in password generator — creates strong, random passwords instantly so you never have to think of one yourself
Auto-clear clipboard after 30 seconds — copied passwords vanish automatically so nothing lingers in your clipboard waiting to be pasted somewhere it shouldn't
Configurable auto-lock — vault secures itself after 5, 15, or 45 minutes of inactivity depending on your workflow, with a security reminder for extended timers
Works offline, always — no Wi-Fi, no servers, no outage risk. A single .exe file, no installation, copy it to any folder and you're set up in under two minutes
600,000-iteration key derivation (PBKDF2-SHA256) — your master password is never stored. Instead it is converted into an encryption key through 600,000 mathematical steps (OWASP 2023 standard), making automated guessing attacks roughly one attempt per second on modern hardware
Brute-force lockout — 5 incorrect master password attempts triggers a timed lockout that persists across app restarts — restarting the app does not reset the counter
Audit logging — every failed and successful unlock attempt is logged with a timestamp so you can see exactly when and whether someone tried to access your vault while you were away
Atomic save protection — every write uses a write-then-replace technique so a power failure or crash mid-save never leaves your vault in a broken state — your data is always intact
L-AI16
AI · SME Edition
Security AI Souls & Skills — SME Edition
Every AI session, you spend 5–10 minutes re-explaining context. Your AI doesn't know your threat model, your compliance framework, your data rules, or how to think like a security professional — until you tell it again. And again. L-AI16 solves this permanently. In one afternoon you build a Security Soul that makes your AI think like your security analyst — ethical foundation, four-perspective threat analysis, compliance guardrails, and hard operational boundaries. Then you add the Skills: 8 ready-to-use security skill files covering Security Mindset, Incident Response, Alert Analysis, Risk Assessment, Compliance Mapping, Document Creation, Playbook Execution, and Security Training Content. More than 85 pages of structured guidance with 5 industry-specific starter souls included. Copy, upload, done. Works with Claude, ChatGPT, Gemini, Copilot, or any local LLM.
Complete Security Soul Template with 6 non-negotiable elements — Ethical Foundation, Four-Perspective Analysis (Analyst/Engineer/Architect/CISO), Compliance Framework, Communication Rules, Priority Hierarchy, and Absolute Operational Prohibitions — the identity your AI carries into every conversation, automatically
8 ready-to-use Security Skill Files — Security Mindset, Incident Response, Alert Analysis, Risk Assessment, Compliance Mapping, Document Creation, Playbook Execution, and Security Training Content — copy, upload to your platform, and your AI is operational from the first session
THE COMMAND enforcement system — a 4-Step Check that prevents your AI from drifting outside its boundaries, with a universal enforcement prompt, Command Creator, and 5-test validation protocol so you can verify it before you rely on it
3-tier skill architecture — Standard Skills (your brand, applied to every conversation), Methodology Skills (your senior team's expertise, available to everyone), and Personal Skills (individual productivity aids) — a structured system to build only the skills your environment actually needs
Platform upload quick reference for Claude, ChatGPT, Gemini, Copilot, and local LLMs — step-by-step setup with security-specific testing prompts to confirm your AI is behaving correctly before you put it to real work
5 industry-specific Starter Souls — General SME, Healthcare, Financial Services, E-Commerce, and Legal/Professional Services — complete, production-ready souls you can deploy in 30 minutes and customize later
3 Factory Prompts — Complete Build, Interview Build, and Upgrade Build — paste the guide into any AI and let it generate your entire tailored system automatically, then refine from real-world use
L-AI17
AI · Private Edition
Security AI Souls & Skills — Private Edition
Same framework as the SME Edition — built for your personal digital life. L-AI17 gives your personal AI a security-first soul: your privacy rules, your personal threat model, your data sharing limits, and your digital hygiene standards — set once, active every session. 8 personal security skills included: Home Network Check, Phishing Detection, "I've Been Hacked" Response, Privacy Audit, Device Hardening, Password & Authentication, Parental Controls, and Data Breach Response. More than 55 pages of hands-on guidance with 5 household-specific starter souls included. One afternoon to set up. Your AI stops being a privacy risk and starts being a privacy asset.
Personal Security Soul Template — your privacy rules, personal threat model, data sharing limits, and safe-use boundaries structured to load as your starting context in every session, automatically
8 Personal Security Skill Files — Home Network Check, Phishing Detection, "I've Been Hacked" Response, Privacy Audit, Device Hardening, Password & Authentication, Parental Controls, and Data Breach Response — designed for how individuals actually use AI, not enterprise IT workflows
THE COMMAND enforcement system — the same 4-Step Check from the SME Edition applied to your personal context: your rules, your boundaries, enforced every time without you re-explaining them
Data sanitization rules + memory file guidance — clear rules on what never goes into a cloud AI and how to build a memory file that gives your AI household context without exposing personal, financial, or health information
Platform-agnostic — works with Claude, ChatGPT, Gemini, Copilot, or any local LLM — install on the platform you already use, build security in from the inside out with no switching required
5 household-specific Starter Souls — Single Person/Couple, Family with Children, Freelancer/Work-From-Home, Helping an Elderly Parent, and Privacy-Focused Individual — complete, production-ready souls you can deploy in 30 minutes and customize later
3 Factory Prompts — Complete Build, Interview Build, and Upgrade Build — paste the guide into any AI and let it generate your entire tailored system automatically, then refine from real-world use
AI · Next Generation
AI Agent MDR Box
Next-generation AI-assisted Managed Detection & Response. Currently in development — engineered for the threats of tomorrow.
The parent practice behind LisaLab and ElisaLab — strategic cybersecurity consulting for organizations that need expert guidance from assessment to implementation.