Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Cyber Threat Intelligence and AI-Driven GRC: Your Cybersecurity Solution
On-demand Webinar

Cyber Threat Intelligence and AI-Driven GRC: Your ...

Join industry experts Dr. Heather Buker - Chief Technology Officer, 6clicks and Karla Reffold, General Manager, Orpheus Cyber as they delve into how o...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=ISO/IEC 27102, description= ISO/IEC 27102 is an international standard for privacy information management systems (PIMS) developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This standard is designed to provide organizations with a framework for developing and implementing a comprehensive privacy program that will protect personal data. The standard provides guidance on the collection, processing, storage, use, disclosure, and disposal of personal data. It also provides guidance on the development of policies and procedures to ensure that organizations are compliant with applicable privacy laws and regulations. The standard includes requirements for the protection of personal data, such as the establishment of a privacy impact assessment (PIA) process, the development of privacy policies and procedures, and the implementation of privacy management systems. In addition, it provides guidance on the use of privacy enhancing technologies (PETs) and the development of privacy education and awareness programs., topic=null, hs_path=iso-iec-27102}--
{tableName=comparison, name=SOC 2 vs ASD Essential 8, description=SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similarities. Learn which standard is best for your organization., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1683947939686, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}'}], hs_path=soc-2-vs-asd-essential-8}--
{tableName=glossary, name=Wardriving, description= Wardriving is a type of hacking that involves using a vehicle to search for and map wireless networks. It involves driving around with a laptop or other device that is equipped with a wireless network card, and scanning for wireless networks. The hacker then records the network's name, signal strength, and encryption type and stores it in a database. This information can be used to gain access to the network, if it is not properly secured. Wardriving is often used to gain access to networks with weak security, or to gain access to networks that are not owned by the hacker. It can also be used to identify vulnerable networks that can be used for malicious purposes. Wardriving is illegal in some countries, and can result in criminal charges for the perpetrator., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=wardriving}--
{tableName=glossary, name=GRC Tools, description= GRC (Governance, Risk, and Compliance) Tools are software solutions that help organizations assess, manage, and monitor their risk, compliance, and governance activities. These tools are designed to provide organizations with the ability to assess their risk posture, identify compliance gaps, and ensure that their internal operations are in line with applicable laws and regulations. GRC tools can also be used to monitor and track performance against established objectives and provide insight into the effectiveness of internal controls. GRC tools are typically used by organizations to ensure that their operations are aligned with their business strategies, while also helping to reduce operational costs and improve operational efficiency., topic=null, hs_path=grc-tools}--
{tableName=glossary, name=Risk Management Framework, description= Risk Management Framework is a set of processes, policies, and tools used to identify, assess, monitor, and control risks associated with an organization’s activities. It is designed to help organizations manage the risks associated with their operations in order to minimize their potential impact on the organization's objectives. The framework typically includes the following components: risk identification, risk assessment, risk control, risk monitoring, and risk communication. Risk identification involves identifying potential risks and assigning them to specific categories. Risk assessment involves evaluating the probability and potential impact of the identified risks. Risk control involves implementing strategies to mitigate the identified risks. Risk monitoring involves tracking the progress of risk management activities. Risk communication involves informing stakeholders of the status of risk management activities. The Risk Management Framework is an integral part of an organization's overall risk management strategy and is necessary to ensure the organization is prepared to handle the risks associated with its operations., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1683947919413, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}'}], hs_path=risk-management-framework}--
{tableName=glossary, name=Internal Environment, description= The internal environment of an organization refers to the conditions, structures, and factors that exist within the organization and affect its ability to function and reach its objectives. It includes the organization's culture, values, attitudes, communication structure, leadership style, management systems, and employee morale. It also includes the organization's resources, such as its financial resources, physical resources, and human resources. The internal environment of an organization is a key factor in determining its success and failure. It is important that the internal environment is managed and monitored closely to ensure that the organization is working towards its goals and objectives., topic=null, hs_path=internal-environment}--
ISO/IEC 27102

ISO/IEC 27102 is an international standard for privacy information management systems (PIMS) develop...

SOC 2
SOC 2 vs ASD Essential 8

SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similariti...

Vulnerability Management
Wardriving

Wardriving is a type of hacking that involves using a vehicle to search for and map wireless network...

GRC Tools

GRC (Governance, Risk, and Compliance) Tools are software solutions that help organizations assess, ...

Enterprise Risk Management
Risk Management Framework

Risk Management Framework is a set of processes, policies, and tools used to identify, assess, monit...

Internal Environment

The internal environment of an organization refers to the conditions, structures, and factors that e...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks