Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to implement an ISMS in 6clicks
On-demand Webinar

How to implement an ISMS in 6clicks

Join us for a live demo with our CSO, Andrew Robinson, as he showcases how our platform can simplify your ISMS implementation..

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=End Point Security, description= End Point Security is a form of cyber security that focuses on protecting the individual devices, such as computers, laptops, and mobile devices, that are connected to a network. It encompasses a range of security measures, including antivirus software, firewalls, intrusion detection systems, and encryption, to protect the devices from malicious attacks. End Point Security is important because it helps to protect the data stored on the device from unauthorized access, as well as the device itself from malicious software and other threats. End Point Security also helps to ensure that only authorized users have access to the network and the data stored on it. End Point Security is a key component of any organization's overall security strategy, as it helps to protect the organization's data and assets from external threats., topic=null, hs_path=end-point-security}--
{tableName=glossary, name=Business Continuity, description= Business Continuity is a comprehensive approach to ensuring that an organization is able to maintain its essential operations and services in the face of any type of disruption or disaster. This includes planning for and responding to any kind of disruption, such as natural disasters, cyber-attacks, power outages, or system failures, and ensuring that the organization is able to quickly and effectively recover from these events. Business Continuity plans involve identifying critical business functions, prioritizing them, and developing strategies to keep them running during a disruption. These plans also include developing plans to back up and restore data, establishing procedures to protect vital records and information, and creating a system to communicate with employees during a disruption., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=business-continuity}--
{tableName=guides, name=NIST SP 800-171, description= This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. Learn about the security, topic=[{id=97620570517, createdAt=1673040885385, updatedAt=1715624508691, path='nist-sp-800-171', name=' NIST SP 800-171 Guide: A Comprehensive Overview', 1='{type=string, value=NIST SP 800-171}', 2='{type=string, value= This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. Learn about the security}', 5='{type=string, value=The NIST SP 800-171 Guide is an authoritative source of information for organizations looking to ensure the security of their Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. This guide provides an overview of the security requirements and best practices for protecting CUI, as well as detailed guidance on how to implement these requirements. It covers topics such as user access control, system and network security, incident response, and logging and monitoring. The guide also provides an overview of the NIST Risk Management Framework and the NIST Cybersecurity Framework, and provides detailed guidance on how to use these frameworks to assess and mitigate risk. This guide is an essential resource for organizations looking to ensure the security of their CUI.}', 15='{type=list, value=[{id=97620570517, name='NIST SP 800-171'}]}'}], hs_path=nist-sp-800-171}--
{tableName=glossary, name=National Institute of Standards and Technology (NIST), description= The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce. Established in 1901, NIST is responsible for advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST works closely with industry, universities, and other government agencies to develop measurement methods and standards that are used in a wide variety of areas including advanced manufacturing, information technology, life sciences, and nanotechnology. NIST also provides technical assistance and research to industry and state and local governments. NIST is a leader in the development and use of standards and technology to improve the quality, safety, and reliability of products and services used by Americans. NIST also plays a key role in the development of national and international standards and in the promotion of the use of these standards., topic=null, hs_path=national-institute-of-standards-and-technology-nist}--
{tableName=comparison, name=ASD Essential 8 vs NIST CSF, description=Compare the ASD Essential 8 and NIST Cybersecurity Framework (CSF) to identify which security framework best meets your organisation's needs. , topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1715624279165, path='asd-essential-8', name=' ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}', 15='{type=list, value=[{id=97620570506, name='ASD Essential 8'}]}'}], hs_path=asd-essential-8-vs-nist-cybersecurity-framework-csf}--
{tableName=glossary, name=Cross Site Request Forgery (CSRF), description= Cross Site Request Forgery (CSRF) is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. It occurs when a malicious website, email, blog, or instant message contains a link, code, or other script that is unknowingly executed by a user's web browser. The malicious code may then perform actions on behalf of the user, such as changing account settings, transferring funds, or purchasing items without the user's knowledge or consent. CSRF exploits the trust that a website has in a user's browser, and can be used to manipulate a user into performing actions that they did not intend to do. CSRF attacks can be particularly dangerous because they often go undetected, as the user is unaware that their browser has been exploited. To prevent CSRF attacks, websites should implement measures such as token-based authentication or a CAPTCHA system to verify user requests., topic=null, hs_path=cross-site-request-forgery-csrf}--
End Point Security

End Point Security is a form of cyber security that focuses on protecting the individual devices, su...

Cybersecurity Risk Management
Business Continuity

Business Continuity is a comprehensive approach to ensuring that an organization is able to maintain...

NIST SP 800-171
NIST SP 800-171

This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controll...

National Institute of Standards and Technology (NI...

The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within ...

ASD Essential 8
ASD Essential 8 vs NIST CSF

Compare the ASD Essential 8 and NIST Cybersecurity Framework (CSF) to identify which security framew...

Cross Site Request Forgery (CSRF)

Cross Site Request Forgery (CSRF) is a type of malicious exploit of a website whereby unauthorized c...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks