Despite how disparaged they often are, especially amongst the technical elite, Microsoft has done some really amazing things over the years. One value-add that I enjoy is their CISO Series, a body of blog entries from Microsoft Security Team surrounding aspects of cybersecurity and information security that a CISO normally has to deal with. Of particular note to me, considering my past positions and efforts standing up Security Operations Centers (SOCs), is the Lessons Learned from the Microsoft SOC series; it's quite good. So far they've published four parts; I've added a link to the first part below. While details of this group of articles may be on the advanced side for most SMBs, the enterprise security information is good knowledge - I recommend you at least browse through when you have a few minutes.