Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Mastering Security Compliance
Live Webinar

Mastering Security Compliance

Unlock the essentials of Security Compliance with industry experts in our live webinar. Gain valuable insights and strategies for mastering compliance...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=End Point Security, description= End Point Security is a form of cyber security that focuses on protecting the individual devices, such as computers, laptops, and mobile devices, that are connected to a network. It encompasses a range of security measures, including antivirus software, firewalls, intrusion detection systems, and encryption, to protect the devices from malicious attacks. End Point Security is important because it helps to protect the data stored on the device from unauthorized access, as well as the device itself from malicious software and other threats. End Point Security also helps to ensure that only authorized users have access to the network and the data stored on it. End Point Security is a key component of any organization's overall security strategy, as it helps to protect the organization's data and assets from external threats., topic=null, hs_path=end-point-security}--
{tableName=glossary, name=Forensics, description= Forensics is the application of scientific methods and techniques to the investigation and analysis of evidence from a crime scene or other source of information in order to determine the facts of a case. Forensic science involves the use of specialized techniques to collect, analyze, and interpret physical evidence, such as fingerprints, DNA, bloodstains, and other trace evidence. It also includes the use of psychological and sociological techniques to analyze witness statements and other forms of testimony. Forensic science has become increasingly important in the criminal justice system, as it has been used to solve numerous crimes and to help identify suspects., topic=null, hs_path=forensics}--
{tableName=glossary, name=ISO/IEC 27002 Importance, description= ISO/IEC 27002 is an international standard for information security management, which provides best practice recommendations for organizations to implement security controls in order to protect their information assets. The standard is based on the principles of the ISO/IEC 27000 series of standards and provides guidance on the selection, implementation, and management of information security controls. It is an important tool for organizations to ensure that their information assets are adequately protected from unauthorized access, disclosure, destruction, or other unauthorized activities. It can also be used as a reference for organizations to assess their own security posture and identify areas for improvement. The standard is regularly updated to reflect the changing security landscape and new threats., topic=null, hs_path=iso-iec-27002-importance}--
{tableName=glossary, name=Vulnerability Scanning, description= Vulnerability scanning is a process of identifying, quantifying, and prioritizing (ranking) the vulnerabilities in a computer system, network, or application. It is an automated process that uses software to scan a system for known weaknesses and security issues. Vulnerability scanning can help organizations identify and address potential security risks before an attacker has the opportunity to exploit them. It is a critical step in the overall security process, as it allows organizations to understand the attack surface of their system, identify potential vulnerabilities, and prioritize their efforts to address them. Vulnerability scanning can also be used to detect unauthorized changes to a system, detect malicious activity, and monitor compliance with security policies. It is an important part of any security program and is often used in conjunction with other security measures, such as penetration testing and risk assessment., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=vulnerability-scanning}--
{tableName=glossary, name=Incident Response Plan, description= An Incident Response Plan is a set of written instructions that outlines the steps an organization should take when responding to a security incident. It is a comprehensive document that covers all aspects of incident response, from initial detection and analysis to containment, eradication, and recovery. The plan should also include post-incident activities such as reporting, analysis, and follow-up. The plan should be tailored to the organization’s specific needs, and should include policies and procedures for responding to incidents, such as a communications plan, a notification plan, and a process for gathering evidence. The plan should also include roles and responsibilities for staff and resources, both internal and external, that will be involved in the incident response process., topic=null, hs_path=incident-response-plan}--
{tableName=glossary, name=PCI DSS, description= PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organizations that handle credit card and debit card information. It was created by major credit card companies such as Visa, MasterCard, American Express, and Discover, to ensure that all merchants and service providers who accept, process, store, or transmit credit card information do so securely and protect customers’ data from theft and fraud. PCI DSS outlines twelve requirements for organizations to follow in order to protect cardholder data, including maintaining a secure network, protecting cardholder data, regularly monitoring and testing networks, and maintaining an information security policy. It also requires organizations to assign a unique ID to each person with computer access, restrict physical access to cardholder data, and regularly monitor and test networks. PCI DSS applies to all organizations that accept, process, store, or transmit credit card information, regardless of size or number of transactions. Compliance with PCI DSS is mandatory for any organization that handles credit card information, and failure to comply may result in fines, penalties, and loss of the ability to accept credit cards., topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1715624259698, path='pci-dss', name=' PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=

This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.

This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.

}', 15='{type=list, value=[{id=97620570502, name='PCI-DSS'}]}'}], hs_path=pci-dss}--
End Point Security

End Point Security is a form of cyber security that focuses on protecting the individual devices, su...

Forensics

Forensics is the application of scientific methods and techniques to the investigation and analysis ...

ISO/IEC 27002 Importance

ISO/IEC 27002 is an international standard for information security management, which provides best ...

Vulnerability Management
Vulnerability Scanning

Vulnerability scanning is a process of identifying, quantifying, and prioritizing (ranking) the vuln...

Incident Response Plan

An Incident Response Plan is a set of written instructions that outlines the steps an organization s...

PCI-DSS
PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks