Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Eliminate GRC Reporting Nightmares
On-demand Webinar

Eliminate GRC Reporting Nightmares

Learn how to streamline GRC reporting and eliminate nightmares in our on-demand webinar, 'Eliminate GRC Reporting Nightmares.' Gain insights into effi...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Business Resilience, description= Business resilience is the ability of an organization to anticipate, prepare for, respond to, and recover from disruptions while maintaining continuous operations and safeguarding people, assets, and operations. It is the capacity to withstand and quickly recover from any kind of disruption, such as natural disasters, cyber-attacks, supply chain disruptions, or financial losses. Business resilience involves having the right strategies, processes, and systems in place to ensure a quick response to any kind of disruption. This includes having a well-defined plan of action, a well-trained and informed workforce, and the right technology and tools to help manage the situation. Business resilience also involves having the right resources to help the organization get back on its feet, such as financial resources, insurance, and the right partnerships and collaborations. Business resilience is an essential part of any organization’s risk management strategy and is key to its long-term success., topic=null, hs_path=business-resilience}--
{tableName=glossary, name=Cloud Security, description= Cloud Security is the process of protecting data, applications, and infrastructure that are stored in the cloud from unauthorized access, misuse, and data loss. This involves the use of various security measures such as encryption, authentication, access control, and monitoring to ensure that data stored in the cloud is secure. Cloud security also involves the implementation of policies and procedures to ensure that cloud-based services are being used in a secure and compliant manner. Cloud security is an important part of any organization’s overall security strategy, as it can help protect sensitive data and applications from malicious threats and unauthorized access., topic=null, hs_path=cloud-security}--
{tableName=glossary, name=Policy management, description= Policy management is the process of developing, implementing, and maintaining organizational policies, procedures, and guidelines. It is a comprehensive system of setting and enforcing standards and guidelines to ensure that all employees and stakeholders are aware of and comply with the organization’s policies. Policy management includes creating and maintaining a policy document, making sure it is up-to-date, communicating it to stakeholders, and monitoring compliance. It also includes developing an enforcement system to ensure that the policy is followed and that any violations are addressed and corrected. Policy management is an important part of any organization’s risk management strategy, as it helps to ensure that the organization is complying with relevant laws and regulations, and that it is taking steps to protect its employees, customers, and assets., topic=[{id=97620570510, createdAt=1673040885340, updatedAt=1715624381441, path='regulatory-compliance', name='Streamlining Compliance Management: The 6clicks Advantage', 1='{type=string, value=Regulatory Compliance}', 2='{type=string, value=This guide provides an overview of the regulations and compliance requirements for businesses in the US, UK, AU and EU. Learn how to stay compliant and protect your business from potential legal issues.}', 5='{type=string, value=This guide provides an overview of the key principles and strategies for successful compliance management. Learn how to navigate regulatory requirements, mitigate risks, and streamline processes with the help of advanced compliance management solutions. Gain valuable insights to ensure your organization's adherence to laws, regulations, and industry standards while promoting a culture of compliance and achieving operational excellence.}'}], hs_path=policy-management}--
{tableName=glossary, name=ISO/IEC 27001 Vulnerability Management, description= ISO/IEC 27001 Vulnerability Management is a set of processes and procedures used to identify, classify, prioritize, and address potential vulnerabilities in information systems. It is designed to help organizations protect their information assets and ensure compliance with applicable laws and regulations. The standard focuses on the management of vulnerabilities, including the identification of vulnerabilities, the assessment of their risk, and the implementation of appropriate measures to reduce or eliminate the risk. The standard outlines the necessary steps for a comprehensive vulnerability management program, including the development of a vulnerability management policy, the implementation of a vulnerability management process, and the monitoring of the process. It also provides guidance on the selection of appropriate tools and technologies to support the process. Additionally, the standard outlines the roles and responsibilities of personnel involved in the process and provides guidance on the reporting of vulnerabilities., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-vulnerability-management}--
{tableName=guides, name=UK Cyber Essentials, description= This authoritative guide provides a comprehensive overview of the UK Cyber Essentials scheme, a government-backed initiative that helps organisations protect themselves against the most common cyber threats. It covers the scheme’, topic=[{id=97620570522, createdAt=1673040885416, updatedAt=1715624535878, path='uk-cyber-essentials', name=' UK Cyber Security: Get the Essential Guide', 1='{type=string, value=UK Cyber Essentials}', 2='{type=string, value= This authoritative guide provides a comprehensive overview of the UK Cyber Essentials scheme, a government-backed initiative that helps organisations protect themselves against the most common cyber threats. It covers the scheme’}', 5='{type=string, value=This authoritative guide provides an in-depth look at the UK Cyber Essentials program, a set of security standards designed to protect organisations from cyber threats. It covers the five key areas of cyber security that organisations must adhere to in order to be certified under the program: secure configuration, boundary firewalls, access control, malware protection, and patch management. It provides a comprehensive overview of the program, including its purpose, requirements, and benefits. It also includes best practices for organisations to follow to ensure their systems are secure and compliant. Finally, it provides guidance on how to become certified under the program, as well as resources to help organisations stay up-to-date with the latest cyber security developments.}', 15='{type=list, value=[{id=97620570522, name='UK Cyber Essentials'}]}'}], hs_path=uk-cyber-essentials}--
{tableName=glossary, name=NIST SP 800-53, description= NIST SP 800-53 is a set of security controls and guidelines developed by the National Institute of Standards and Technology (NIST). It provides a comprehensive set of security requirements for federal information systems and organizations. It is designed to help organizations protect their information systems from unauthorized access, modification, misuse, and destruction. The security controls are divided into 18 categories, with each category containing a set of security controls and associated implementation guidance. The categories include access control, audit and accountability, awareness and training, configuration management, contingency planning, identification and authentication, incident response, maintenance, media protection, physical and environmental protection, planning, personnel security, risk assessment, system and services acquisition, system and communications protection, system and information integrity, system and network security, and system and organization security. Each security control is further divided into sub-controls, with each sub-control having a set of implementation guidance and a baseline security requirement. The baseline security requirement defines the minimum level of security that must be achieved for each sub-control. NIST SP 800-53 also provides guidance on how to implement the security controls and provides a framework for developing a security program., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-sp-800-53}--
Business Resilience

Business resilience is the ability of an organization to anticipate, prepare for, respond to, and re...

Cloud Security

Cloud Security is the process of protecting data, applications, and infrastructure that are stored i...

Regulatory Compliance
Policy management

Policy management is the process of developing, implementing, and maintaining organizational policie...

ISO 27001
ISO/IEC 27001 Vulnerability Management

ISO/IEC 27001 Vulnerability Management is a set of processes and procedures used to identify, classi...

UK Cyber Essentials
UK Cyber Essentials

This authoritative guide provides a comprehensive overview of the UK Cyber Essentials scheme, a gove...

NIST SP 800-53
NIST SP 800-53

NIST SP 800-53 is a set of security controls and guidelines developed by the National Institute of S...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks