Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinar

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Date: Jan 1, 2023

Location: Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Date: Jan 3, 2023

Location: Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Date: Jan 5, 2023

Location: Virtual

Glossary

Discretionary Access Control (DAC)

Discretionary Access Control (DAC) is a type of access control in which a user's access to a system or resource is based upon the user's individual identity. This type of access control allows the user to make decisions about who can access the system or resource, and what type of access they can have. DAC is based on the principle of least privilege, which means that a user is only allowed access to the minimum amount of resources necessary to perform their job. The user is also responsible for managing the access rights of other users. DAC is commonly used in operating systems, databases, networks, and other computer systems. It is also used in physical security systems, such as door locks, to control access to restricted areas.

Remediation

Remediation is the process of addressing a problem, issue, or deficiency in order to restore a system, process, or environment to an acceptable level of performance. It is commonly used in environmental engineering and restoration to refer to the restoration of a contaminated site to an acceptable level of contamination. In software engineering, it refers to the process of correcting errors or vulnerabilities in a system or application. In education, it is the process of providing support and instruction to students who are struggling to meet the academic standards of their grade level. In business, it is the process of correcting deficiencies in a process or system in order to improve performance. Remediation can also refer to the process of restoring a data system after a security breach or other malicious attack.

Related guide: Vulnerability Management (Vuln Mgmt Guide: Learn to Protect Your Business)

Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!

This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.

Cybersecurity Incident Report

A Cybersecurity Incident Report is an official document that is used to document the details of a cybersecurity incident. It typically includes an overview of the incident, the timeline of events, the affected systems, and the steps taken to mitigate the incident. This report is often used to provide a complete picture of the incident to management, IT personnel, and other stakeholders. It is also used to provide a detailed analysis of the incident and the actions taken to prevent similar incidents from occurring in the future. The report can also be used to provide evidence in the event of a legal action.

NIS Directive

NIS Directive is a directive issued by the European Union (EU) in 2018 which aims to improve the security of network and information systems across the EU. It applies to operators of essential services such as energy, transport, banking, healthcare and digital infrastructure, as well as digital service providers. The Directive requires these operators and service providers to take appropriate security measures, such as implementing risk management processes and incident reporting systems, in order to protect their systems and data from cyber-attacks. It also requires Member States to establish national computer security incident response teams and to cooperate with each other in order to ensure the security of network and information systems across the EU. The Directive is a key part of the EU's efforts to ensure a secure and resilient digital environment.

Incident

An incident is an event or occurrence that is not part of the normal operation of a system or organization. Incidents may be caused by human error, system failure, natural disasters, or other outside influences. They can range from minor inconveniences to major disasters. In any case, an incident should be documented and investigated to identify the root cause, determine the impact, and take corrective action to prevent similar incidents from occurring in the future.

Guides

NIST SP 800-53

This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...