Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Ready or not, here comes CMMC 2.0
On-demand Webinar

Ready or not, here comes CMMC 2.0

Join our esteemed panel of presenters for an informative session on the new Cybersecurity Maturity Model Certification (CMMC) 2.0 standards. Dr. Heath...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Cybersecurity Credentials, description= Cybersecurity credentials are a set of qualifications and certifications that a person or organization holds to demonstrate their knowledge and proficiency in the field of cybersecurity. These credentials may include certifications from industry-recognized organizations such as the International Information Systems Security Certification Consortium (ISC2), the Computing Technology Industry Association (CompTIA), the Certified Information Systems Security Professional (CISSP), and the Information Systems Audit and Control Association (ISACA). Cybersecurity credentials also may include certifications from universities and other educational institutions, as well as certifications from government agencies like the National Security Agency (NSA). Cybersecurity credentials are important for both individuals and organizations, as they demonstrate the expertise and knowledge of the holder in the field of cybersecurity and provide assurance that the holder is up-to-date on the latest security practices and technologies., topic=null, hs_path=cybersecurity-credentials}--
{tableName=glossary, name=Security Event, description= Security Event: A security event is an occurrence or incident that affects the security of a system, network, or application. It can be anything from a malicious attack such as a virus or malware, to an unauthorized user accessing a system or network, to a system or application malfunction. Security events can be detected in real time or in retrospect, and can be analyzed to identify the cause and potential impacts. Security events are monitored and analyzed to identify threats, vulnerabilities, and potential malicious activity, and to help ensure the security of a system, network, or application., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=security-event}--
{tableName=glossary, name=ISO/IEC 27001 Benefits, description= ISO/IEC 27001 Benefits are the advantages that organizations can gain from implementing the ISO/IEC 27001 Information Security Management System (ISMS). This standard provides a framework for organizations to create, implement, maintain, and continually improve an information security management system. It includes a set of processes and procedures that organizations must follow to ensure the confidentiality, integrity, and availability of their information assets. By following the standard, organizations can ensure that their information is secure and protected from unauthorized access, use, and disclosure. ISO/IEC 27001 Benefits include improved security and compliance, improved risk management, reduced costs, increased customer trust and loyalty, improved organizational efficiency, and improved competitive advantage. These benefits can help organizations achieve their business objectives while protecting their information assets., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-benefits}--
{tableName=glossary, name=Money Laundering, description= Money Laundering is the process of disguising illegally obtained funds so they appear to have been obtained from a legitimate source. It is typically done by transferring the money through a series of transactions and/or accounts to hide its origin. Common techniques used to launder money include structuring, smurfing, layering, and using offshore accounts. Money laundering is a crime in many countries and is used to finance activities such as drug trafficking, terrorism, and organized crime. Money laundering can also be used to hide illegal profits from legitimate businesses, such as tax evasion and embezzlement., topic=null, hs_path=money-laundering}--
{tableName=glossary, name=PCI DSS, description= PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organizations that handle credit card and debit card information. It was created by major credit card companies such as Visa, MasterCard, American Express, and Discover, to ensure that all merchants and service providers who accept, process, store, or transmit credit card information do so securely and protect customers’ data from theft and fraud. PCI DSS outlines twelve requirements for organizations to follow in order to protect cardholder data, including maintaining a secure network, protecting cardholder data, regularly monitoring and testing networks, and maintaining an information security policy. It also requires organizations to assign a unique ID to each person with computer access, restrict physical access to cardholder data, and regularly monitor and test networks. PCI DSS applies to all organizations that accept, process, store, or transmit credit card information, regardless of size or number of transactions. Compliance with PCI DSS is mandatory for any organization that handles credit card information, and failure to comply may result in fines, penalties, and loss of the ability to accept credit cards., topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1715624259698, path='pci-dss', name=' PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=

This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.

This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.

}', 15='{type=list, value=[{id=97620570502, name='PCI-DSS'}]}'}], hs_path=pci-dss}--
{tableName=glossary, name=Data Owner, description= Data Owner is a term used to refer to the person or entity responsible for the creation, maintenance, and control of a set of data. This includes the right to decide how the data should be used, who can access it, and who can modify it. Data Owners are responsible for ensuring the security, accuracy, and integrity of the data, as well as for ensuring that any changes to the data are properly documented. Data Owners are also responsible for ensuring compliance with applicable laws and regulations, as well as for ensuring that the data is used in a manner that is consistent with the intended purpose of the data., topic=null, hs_path=data-owner}--
Cybersecurity Credentials

Cybersecurity credentials are a set of qualifications and certifications that a person or organizati...

Cybersecurity Risk Management
Security Event

Security Event: A security event is an occurrence or incident that affects the security of a system,...

ISO 27001
ISO/IEC 27001 Benefits

ISO/IEC 27001 Benefits are the advantages that organizations can gain from implementing the ISO/IEC ...

Money Laundering

Money Laundering is the process of disguising illegally obtained funds so they appear to have been o...

PCI-DSS
PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organ...

Data Owner

Data Owner is a term used to refer to the person or entity responsible for the creation, maintenance...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks