Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to enhance the governance of your company's cyber risk profile
On-demand Webinar

How to enhance the governance of your company's cy...

Our expert panelists Katherine Mansted from CyberXC, Peter Deans from Notwithoutrisk, and Andrew Robinson from 6clicks present their insights on cyber...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=NIST Controls, description= NIST Controls are a set of security guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations protect their information systems, networks, and data. They provide a comprehensive framework of security requirements and best practices that organizations can use to protect their systems and data from malicious attacks, unauthorized access, and other cyber threats. NIST Controls are based on the NIST Cybersecurity Framework, which outlines five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a comprehensive approach to cybersecurity, helping organizations identify vulnerabilities and threats, develop appropriate security measures, detect and respond to incidents, and recover from them. NIST Controls also provide guidance on implementing security controls, including technical, administrative, and physical security measures., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1683947893762, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}'}], hs_path=nist-controls}--
{tableName=glossary, name=NIST Compliance, description= NIST Compliance is the process of verifying that an organization is adhering to the security standards and guidelines set forth by the National Institute of Standards and Technology (NIST). It involves assessing the organization’s security practices, procedures, and technologies to ensure they meet or exceed the NIST requirements. This includes verifying that the organization has the appropriate policies and procedures in place, that they are following those policies and procedures, and that they have the necessary tools and technologies to protect their networks and data. NIST Compliance also requires organizations to regularly review and update their security practices and technologies to keep up with the ever-changing landscape of cyber threats. By adhering to the NIST standards, organizations can ensure their systems and networks are secure, and that their data is protected., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1683947893762, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}'}], hs_path=nist-compliance}--
{tableName=glossary, name=Consequence, description= Consequence is the result or effect of an action, decision, or set of circumstances. It is the outcome of a particular course of action and can either be positive or negative. Consequences can be immediate, such as the result of a choice made in the moment, or they can be far-reaching and long-term, such as the result of a decision made years ago. They can also be physical, mental, emotional, or spiritual in nature. Consequences can be direct, such as the result of a particular action, or indirect, such as the result of a decision made by someone else. Consequences are an integral part of life, as every action we take has a consequence that can shape our future and the future of those around us., topic=null, hs_path=consequence}--
{tableName=glossary, name=Threat Modeling, description= Threat Modeling is a structured approach to identifying, analyzing, and responding to potential security threats in a system, network, or application. It is used to identify and assess threats, vulnerabilities, and risks, and to develop a strategy to mitigate them. The process typically involves analyzing the system architecture, identifying potential threats, assessing their likelihood and impact, and then determining the most appropriate countermeasures to reduce or eliminate the risks. Threat Modeling can also be used to identify and prioritize security requirements and to evaluate the security of existing systems. The goal of Threat Modeling is to reduce the attack surface of a system, network, or application and to protect it from malicious actors., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=threat-modeling}--
{tableName=glossary, name=Intrusion Detection Systems (IDS), description= An Intrusion Detection System (IDS) is a type of security software that monitors a network or system for malicious activity or policy violations. It gathers and analyzes information from various areas within a network or system to identify possible security breaches, which include both intrusions (attempts to compromise security) and misuse (violations of policy). The ultimate goal of an IDS is to detect, alert, and respond to any suspicious activity or policy violations. IDSs can be either signature-based or anomaly-based. Signature-based IDSs detect known malicious activities, such as a specific type of attack, by comparing the information gathered to a database of known attack signatures. Anomaly-based IDSs, on the other hand, detect suspicious activities by comparing the information gathered to a baseline of normal behavior. IDSs are typically deployed on networks, servers, and endpoints to monitor for malicious activity. They can also be used to detect and respond to insider threats and data exfiltration. IDSs can be used in conjunction with other security tools, such as firewalls, to provide a comprehensive security solution., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=intrusion-detection-systems-ids}--
{tableName=guides, name=Vendor Risk Management, description= Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, assess, and mitigate risks associated with third-party vendors., topic=null, hs_path=vendor-risk-management}--
NIST Cybersecurity Framework (CSF)
NIST Controls

NIST Controls are a set of security guidelines developed by the National Institute of Standards and ...

NIST Cybersecurity Framework (CSF)
NIST Compliance

NIST Compliance is the process of verifying that an organization is adhering to the security standar...

Consequence

Consequence is the result or effect of an action, decision, or set of circumstances. It is the outco...

Vulnerability Management
Threat Modeling

Threat Modeling is a structured approach to identifying, analyzing, and responding to potential secu...

Cybersecurity Risk Management
Intrusion Detection Systems (IDS)

An Intrusion Detection System (IDS) is a type of security software that monitors a network or system...

Vendor Risk Management

Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks