Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Jan 1, 2023

Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Jan 3, 2023

Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Jan 5, 2023

Virtual

Glossary

Instant Communications Security And Compliance

Instant Communications Security and Compliance is the practice of implementing measures to ensure the security and compliance of digital communications, such as emails, text messages, and other forms of electronic communication. It involves using technologies, processes, and policies to protect data and communications from unauthorized access or alteration. It also involves ensuring that all communications comply with applicable laws and regulations. This includes ensuring that all data is stored securely, that all communications are encrypted, and that all communications are monitored and audited. Additionally, it involves establishing processes to ensure that all communications are compliant with applicable laws and regulations, and that any changes to the system are documented and approved. Finally, it involves providing training to users on how to properly use and protect digital communications.

Operational Risk Management (ORM)

Operational Risk Management (ORM) is the process of identifying, assessing, and mitigating risks that can arise from the operations of an organization. It is an important part of an organization’s overall risk management strategy, and involves the identification, evaluation, and control of risks that can arise from the organization’s operations. ORM is a proactive approach to managing risks and encompasses a wide range of activities, including risk identification and assessment, risk control and monitoring, and risk response and recovery. ORM also involves the development and implementation of policies, procedures, and systems to effectively manage operational risks. The goal of ORM is to ensure that the organization’s operations remain safe, secure, and efficient, while minimizing losses and maximizing returns. ORM is a continuous process that requires ongoing monitoring and review to ensure that risks are identified and addressed in a timely and effective manner.

Ransomware Protection

Ransomware protection is the process of safeguarding computer systems and networks from malicious software, or ransomware, that is designed to encrypt or otherwise restrict access to a user's data until a ransom is paid. Ransomware protection includes the use of antivirus software, firewalls, and other security measures to prevent ransomware from infiltrating a computer system or network in the first place. Additionally, it involves the implementation of backup and recovery plans that allow a user to restore their data in the event that ransomware does manage to infiltrate their system. Finally, ransomware protection also includes user education about the dangers of ransomware and how to avoid it.

Cybersecurity Asset Management (CSAM)

Cybersecurity Asset Management (CSAM) is a process of managing the security of digital assets and information systems. It involves the identification, classification, monitoring, and protection of digital assets and information systems from unauthorized access, use, modification, or destruction. CSAM is a critical component of an organization's overall security strategy, as it helps to ensure the confidentiality, integrity, and availability of digital assets. CSAM involves the implementation of policies and procedures that define the roles and responsibilities of personnel, as well as the implementation of technical controls to protect digital assets. CSAM also involves the use of technologies such as firewalls, intrusion detection systems, and encryption to protect digital assets from unauthorized access, use, or modification. Additionally, CSAM involves the implementation of processes and procedures to monitor the security of digital assets, including the identification of threats, assessment of risks, and implementation of countermeasures.

ISO/IEC 27004:2016 Clauses

ISO/IEC 27004:2016 Clauses is an international standard that provides guidance and best practices for measuring and managing the performance of Information Security Management Systems (ISMS). It is based on the ISO/IEC 27001:2013 standard and provides a framework for organizations to assess and improve their security posture. The standard is divided into six main sections, each of which contains a number of clauses. The sections cover topics such as security management, security controls, risk assessment and management, security incident management, security monitoring, and security assurance. Each clause provides guidance on the requirements for the specific topic and includes examples of how to implement the requirements. The standard also includes a number of annexes which provide additional guidance on security management, security controls, and security assurance. ISO/IEC 27004:2016 Clauses is designed to help organizations develop and maintain an effective ISMS, and to ensure that their security posture is up to date and in line with industry best practices.

Cyber Safety

Cyber safety is the practice of protecting oneself and one’s personal information from malicious online threats such as cyberbullying, identity theft, and hacking. Cyber safety involves taking steps to protect oneself from malicious online activity, including using strong passwords, avoiding suspicious links and websites, and being aware of one’s online activity. Additionally, cyber safety involves being aware of potential risks associated with social media, online gaming, and other online activities, and taking steps to mitigate those risks. Cyber safety is a growing concern as the internet and technology continue to evolve, and it is important for individuals to take steps to protect themselves from malicious online activity.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...