Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
Date: Jan 1, 2023

Location: Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...
Date: Jan 3, 2023

Location: Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
Date: Jan 5, 2023

Location: Virtual

Glossary

Risk Management Standards

Risk Management Standards are a set of guidelines that provide organizations with a framework to identify, assess, and manage potential risks to their operations. These standards help to ensure that organizations are taking appropriate measures to prevent and mitigate risks that could result in financial, operational, or reputational damage. Risk management standards typically include components such as risk assessment, risk control, risk monitoring, and risk communication. Risk assessment involves identifying and analyzing potential risks, while risk control involves taking steps to reduce the likelihood of risks occurring. Risk monitoring involves tracking and monitoring the effectiveness of risk control measures, and risk communication involves informing key stakeholders of the risks and risk control measures. Risk management standards help to ensure that organizations are taking the necessary steps to protect their operations and reputation.

Related guide: Enterprise Risk Management Guide: A Comprehensive Guide

Ransomware Protection

Ransomware protection is the process of safeguarding computer systems and networks from malicious software, or ransomware, that is designed to encrypt or otherwise restrict access to a user's data until a ransom is paid. Ransomware protection includes the use of antivirus software, firewalls, and other security measures to prevent ransomware from infiltrating a computer system or network in the first place. Additionally, it involves the implementation of backup and recovery plans that allow a user to restore their data in the event that ransomware does manage to infiltrate their system. Finally, ransomware protection also includes user education about the dangers of ransomware and how to avoid it.

Mandatory Access Control (MAC)

Mandatory Access Control (MAC) is an access control system that requires users to be explicitly identified and authorized before they can access any resources or information. It is a type of access control system that is enforced by a centralized authority, such as a system administrator, and is based on the classification and labeling of resources. MAC is a type of access control system that is based on a set of predetermined rules, rather than user-defined rules, and is typically used in highly secure environments, such as government or military networks. MAC prevents users from accessing resources or information that they are not authorized to access, and is often used in conjunction with other access control systems, such as Discretionary Access Control (DAC) or Role-Based Access Control (RBAC).

Communication Security

Communication Security is the practice of protecting communications (messages, data, voice, video) from unauthorized access, alteration, theft, or destruction. It involves the use of various techniques and technologies to ensure that information is only accessible to those who are authorized to view it, and that it is kept secure while in transit. This includes the use of encryption, authentication, digital signatures, and other measures to ensure the integrity and confidentiality of the communication. Communication security also involves the use of secure protocols and networks to protect data from being intercepted or modified by malicious actors. Additionally, communication security also involves the use of secure hardware and software to protect data from unauthorized access or manipulation.

Related guide: Cybersecurity Risk Management: A Guide for Businesses

ISO/IEC 27004:2016 Advantages

ISO/IEC 27004:2016 Advantages is a standard that provides guidance on the use of a range of quantitative methods to measure, analyze, and interpret the advantages of an organization's information security management system (ISMS). The standard is based on the ISO/IEC 27001:2013 standard, which provides a framework for the implementation of an ISMS. The ISO/IEC 27004:2016 Advantages standard is designed to help organizations identify, measure, and manage the advantages of their ISMS, and to ensure that the system is being used to its fullest potential. It provides guidance on the selection of metrics and methods for measuring the advantages of an ISMS, as well as on the interpretation of the results. It also provides guidance on the use of risk management and other management tools to ensure that the ISMS is being used effectively. Finally, it provides guidance on how to communicate the results of the measurements and the advantages of the ISMS to the organization.

Policy management

Policy management is the process of developing, implementing, and maintaining organizational policies, procedures, and guidelines. It is a comprehensive system of setting and enforcing standards and guidelines to ensure that all employees and stakeholders are aware of and comply with the organization’s policies. Policy management includes creating and maintaining a policy document, making sure it is up-to-date, communicating it to stakeholders, and monitoring compliance. It also includes developing an enforcement system to ensure that the policy is followed and that any violations are addressed and corrected. Policy management is an important part of any organization’s risk management strategy, as it helps to ensure that the organization is complying with relevant laws and regulations, and that it is taking steps to protect its employees, customers, and assets.

Related guide: Streamlining Compliance Management: The 6clicks Advantage

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...