
Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
Date: Jan 1, 2023

Location: Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Date: Jan 3, 2023

Location: Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
Date: Jan 5, 2023

Location: Virtual

Comparison

ISO 27001 vs APRA CPS 234

Compare the two leading international information security standards. Learn the differences between ISO 27001 and APRA CPS 234.

Guide

ISO 27001 Guide: A Comprehensive Guide

This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

Glossary

Keystroke Logging

Keystroke logging is a process of tracking and recording the keys that are pressed on a computer keyboard. It is a form of surveillance technology used to monitor and record all keystrokes entered on a computer or device, including usernames, passwords, and other sensitive data. Keystroke logging can be used to gather information about a user's activity and behavior, as well as to gain access to protected or confidential information. Keystroke logging is often used by employers to monitor their employees' activities and to ensure that their computers are being used for work-related activities. It can also be used by hackers to gain access to a user's personal information and to gain access to a user's system. Keystroke logging can be used to track online activity, including websites visited, emails sent, and chats conducted. Additionally, it can be used to track physical activity, such as mouse movements, and to monitor user behavior, such as how long a user is active on a website or how often a user visits a specific website. Keystroke logging can be used to detect fraud and other malicious activities, as well as to detect unauthorized access to sensitive information.

Glossary

Watering Hole Attack

A watering hole attack is a type of cyber attack that targets a specific group of users by compromising a website that they are known to visit. The attacker will infect the website with malicious code, such as malware, that can be used to gain access to the user's computer or network. The malicious code can be used to steal user data, install ransomware, or even launch further attacks. In some cases, the attacker may use the website to spread their malicious code to other users. Watering hole attacks can be difficult to detect and prevent, and they can be used to target specific individuals, organizations, or even entire countries.

Glossary

ISO/IEC Directives Part 2

ISO/IEC Directives Part 2 is a set of rules and procedures developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to ensure that standards created by the two organizations are developed and published in a consistent and effective manner. This part of the ISO/IEC Directives sets out the overall structure of the ISO/IEC standards development process, the roles and responsibilities of the various stakeholders, and the procedures for the development, approval, and publication of ISO/IEC standards. It also provides guidance on how to ensure that standards are developed in a transparent and open manner, and that the interests of all stakeholders are taken into consideration. The ISO/IEC Directives Part 2 also outlines the procedures for the review and withdrawal of standards, and the procedures for the registration and maintenance of ISO/IEC standards.

Glossary

Mitigating Controls For Risk Management

Mitigating controls for risk management are the actions or measures taken to reduce the likelihood of a risk occurring or its potential impact. These controls can be implemented at different stages of the risk management process, such as identifying, assessing, responding, and monitoring risks. Mitigating controls can include preventive measures, such as implementing security protocols or training staff, or corrective measures, such as developing a contingency plan or creating a risk mitigation plan. The goal of mitigating controls is to reduce the level of risk to an acceptable level.

Guide

Defence Industry Security Program (DISP)

This guide provides an overview of the Defence Industry Security Program (DISP), outlining the requirements for security clearance and how to apply for a DISP security clearance.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...