Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

6clicks product roadshow: Discover ...

On-demand Webinar

6clicks product roadshow: Discover the latest updates

Gain exclusive insights into the latest advancements on the 6clicks platform, starting with our integration with Wiz and...
date-icon

Oct 31, 2024

location

Virtual

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

See all webinars
{tableName=glossary, name=Cybersecurity Reports, description= Cybersecurity Reports are documents that provide detailed information about the security status of an organization's digital assets and infrastructure. They typically include an assessment of the organization's current security posture, the potential risks and vulnerabilities it faces, and the recommended steps for mitigating those risks. Cybersecurity Reports can also include information about the organization's compliance with applicable laws and regulations, as well as any other relevant information that could affect its security posture. Cybersecurity Reports are an important tool for organizations to use in order to stay informed and up-to-date on the latest security threats and vulnerabilities, as well as to ensure their security posture is in line with current industry standards., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=cybersecurity-reports}--
{tableName=glossary, name=NIST 800-53 Control Families, description= NIST 800-53 Control Families are a set of security controls developed by the National Institute of Standards and Technology (NIST) to provide a standardized approach to information security management. The controls are organized into 18 families, which are further divided into subcategories. These families are: Access Control, Awareness and Training, Audit and Accountability, Configuration Management, Contingency Planning, Identification and Authentication, Incident Response, Maintenance, Media Protection, Physical and Environmental Protection, Personnel Security, Risk Assessment, Security Assessment and Authorization, System and Communications Protection, System and Information Integrity, System and Services Acquisition, System and Services Development, and System and Information Security Management. Each family includes a set of security controls that are intended to protect an organization’s information system from unauthorized access, use, disclosure, disruption, modification, or destruction. The controls are designed to be applicable to any organization, regardless of size or industry. The NIST 800-53 Control Families provide a comprehensive framework for organizations to assess their information security posture and take appropriate measures to protect their information systems., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-800-53-control-families}--
{tableName=glossary, name=Risk Center, description= Risk Center is a term used to refer to a centralized location for managing, analyzing, and mitigating risk. It is the focal point for risk management activities within an organization and is responsible for establishing and maintaining a risk management framework. The Risk Center is responsible for developing and implementing policies, procedures, and processes to identify, assess, and monitor risk across the organization. It also ensures compliance with applicable regulations and standards and provides guidance on risk management best practices. The Risk Center also monitors and reports on risk levels and provides recommendations for risk mitigation strategies. Finally, the Risk Center may also provide training and education on risk management topics to ensure that the organization is prepared to respond to and manage risk., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-center}--
{tableName=glossary, name=Compliance Automation Software, description= Compliance Automation Software is a type of software designed to automate the process of ensuring compliance with regulations and standards. It typically includes features like automated document generation, data collection, monitoring, and reporting to help organizations meet regulatory requirements. Compliance Automation Software can also be used to automate the process of tracking and verifying compliance with internal policies and procedures. This type of software is used by companies in a variety of industries, such as healthcare, finance, and manufacturing, to ensure compliance with government regulations and industry standards. By automating the process of compliance, Compliance Automation Software can help organizations save time, money, and resources., topic=null, hs_path=compliance-automation-software}--
{tableName=glossary, name=ISO/IEC 27005 And ISRM, description= ISO/IEC 27005 is an international standard that provides guidance on information security risk management (ISRM). It is designed to help organizations understand, manage, and reduce the risks associated with their information security activities. The standard focuses on the principles and processes of risk management, and provides guidance on the selection and implementation of risk management activities. It also provides guidance on the integration of risk management into the overall management system of an organization. ISO/IEC 27005 is based on the ISO/IEC 27001 standard, which provides a framework for the implementation of information security management systems. The standard is applicable to any organization, regardless of size, type, or sector. It is intended to help organizations identify and manage the risks associated with their information security activities, and to ensure that appropriate measures are taken to protect their information assets. The standard provides guidance on the assessment of risk, the development of risk management plans, and the implementation and monitoring of risk management measures., topic=null, hs_path=iso-iec-27005-and-isrm}--
{tableName=comparison, name=GDPR vs NIST SP 800-53, description=GDPR and NIST SP 800-53 are two of the most important regulations for data privacy and security. Learn more about the differences between., topic=[{id=97620570523, createdAt=1673040885422, updatedAt=1715624542336, path='gdpr', name=' GDPR: A Comprehensive Guide to Compliance', 1='{type=string, value=GDPR}', 2='{type=string, value= This GDPR Guide provides an authoritative overview of the General Data Protection Regulation (GDPR) and how it affects businesses and organizations. It outlines the key principles of the GDPR and provides an}', 5='{type=string, value=This GDPR Guide provides a comprehensive overview of the European Union's General Data Protection Regulation (GDPR). It covers the full scope of the GDPR, including its purpose, scope, definitions, principles, rights, obligations, enforcement, and more. It also provides practical advice on how to comply with the GDPR, including best practices for data protection, data security, and data management. This guide is an essential resource for any organization that collects, stores, or processes personal data.}', 15='{type=list, value=[{id=97620570523, name='GDPR'}]}'}], hs_path=gdpr-vs-nist-sp-800-53}--