Skip to content
🚨 6clicks is proud to be recognized as a Cool Vendor in the 2024 Gartner® Cool Vendors™ in Third-Party Risk Management Report!🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Eliminate GRC Reporting Nightmares
On-demand Webinar

Eliminate GRC Reporting Nightmares

Learn how to streamline GRC reporting and eliminate nightmares in our on-demand webinar, 'Eliminate GRC Reporting Nightmares.' Gain insights into effi...

Webinars

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

Register Now
6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

Register Now
Q3 product showcase: Continuous Con...

On-demand Webinar

Q3 product showcase: Continuous Control Monitoring, Developer API, and more

Join our webinar for CISOs, risk and compliance professionals, and security teams to explore the latest 6clicks features...
date-icon

Aug 22, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

Information Security Registered Assessors Program (IRAP)

What is the information security registe...

What is IRAP? The Information Security Registered ...

Defence Industry Security Program (DISP)

What are the 5 levels of security cleara...

What is security clearance? Security clearance is ...

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

{tableName=glossary, name=NIST Controls, description= NIST Controls are a set of security guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations protect their information systems, networks, and data. They provide a comprehensive framework of security requirements and best practices that organizations can use to protect their systems and data from malicious attacks, unauthorized access, and other cyber threats. NIST Controls are based on the NIST Cybersecurity Framework, which outlines five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a comprehensive approach to cybersecurity, helping organizations identify vulnerabilities and threats, develop appropriate security measures, detect and respond to incidents, and recover from them. NIST Controls also provide guidance on implementing security controls, including technical, administrative, and physical security measures., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1715624266851, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}', 15='{type=list, value=[{id=97620570503, name='NIST Cybersecurity Framework (CSF)'}]}'}], hs_path=nist-controls}--
{tableName=glossary, name=ISO/IEC Internal Audit, description= ISO/IEC Internal Audit is a systematic and independent assessment of an organization's quality management system, processes, and activities, to determine whether the organization is meeting its objectives and conforming to applicable standards and regulations. It includes a review of the organization's policies, procedures, and processes, and an assessment of the effectiveness of the organization's quality management system. It also includes an evaluation of the organization's internal control systems, risk management processes, and the accuracy and completeness of the organization's records. The internal audit process is designed to identify areas of non-conformance, areas of improvement, and to provide recommendations for corrective action. The objective of ISO/IEC Internal Audit is to ensure that the organization has effective quality management systems in place that meet its objectives and comply with applicable standards and regulations., topic=null, hs_path=iso-iec-internal-audit}--
{tableName=glossary, name=GDPR Requirements, description= The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was adopted by the European Union (EU) in April 2016. It is designed to strengthen and unify data protection for individuals within the EU, while also giving individuals greater control over their personal data. The GDPR requirements apply to any organisation, regardless of size or location, that processes the personal data of individuals in the EU. This includes organisations that process data for marketing purposes, as well as those that process data for other purposes such as employee data, customer data, and health data. The GDPR requires organisations to be transparent about how they collect, use, store, and delete personal data, and to ensure that all personal data is processed in a secure and lawful manner. It also requires organisations to provide individuals with the right to access, rectify, erase, or restrict the processing of their personal data, as well as the right to data portability. Additionally, organisations must notify individuals of any data breaches that occur, and must obtain consent from individuals before processing their personal data. Finally, the GDPR requires organisations to appoint a data protection officer and to conduct data protection impact assessments prior to processing any personal data., topic=null, hs_path=gdpr-requirements}--
{tableName=glossary, name=Intrusion Prevention Systems (IPS), description= Intrusion Prevention Systems (IPS) are a type of network security technology that are designed to detect and prevent malicious activity on a network. IPS systems monitor network traffic for suspicious activity and can be configured to block or alert administrators of malicious activity. IPS systems can detect and stop a variety of network threats, including malware, worms, viruses, and unauthorized access attempts. They can also detect and stop malicious activities such as port scans, buffer overflows, and denial of service attacks. IPS systems can be deployed in either a passive or active mode, depending on the desired level of security. In passive mode, the IPS system monitors network traffic and takes no action, while in active mode, the IPS system can be configured to immediately block or alert administrators of suspicious activity. IPS systems can be deployed in either a hardware or software form, and are often used in conjunction with other security solutions such as firewalls, antivirus software, and intrusion detection systems., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=intrusion-prevention-systems-ips}--
{tableName=glossary, name=Cross Site Request Forgery (CSRF), description= Cross Site Request Forgery (CSRF) is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. It occurs when a malicious website, email, blog, or instant message contains a link, code, or other script that is unknowingly executed by a user's web browser. The malicious code may then perform actions on behalf of the user, such as changing account settings, transferring funds, or purchasing items without the user's knowledge or consent. CSRF exploits the trust that a website has in a user's browser, and can be used to manipulate a user into performing actions that they did not intend to do. CSRF attacks can be particularly dangerous because they often go undetected, as the user is unaware that their browser has been exploited. To prevent CSRF attacks, websites should implement measures such as token-based authentication or a CAPTCHA system to verify user requests., topic=null, hs_path=cross-site-request-forgery-csrf}--
{tableName=glossary, name=Activity Monitors, description= Activity Monitors are wearable devices that track and monitor physical activity. They measure and record activities such as steps taken, distance traveled, calories burned, and sleep patterns. Activity Monitors are commonly worn on the wrist, but can also be worn on the waist, ankle, or around the chest. They use sensors to track movement and calculate activity levels. Activity Monitors can be used to set goals and track progress, providing feedback to help users reach their fitness goals. They can also be used to monitor health, such as heart rate, blood pressure, and body temperature. Activity Monitors are becoming increasingly popular among athletes, fitness enthusiasts, and anyone looking to improve their physical health., topic=null, hs_path=activity-monitors}--
NIST Cybersecurity Framework (CSF)
NIST Controls

NIST Controls are a set of security guidelines developed by the National Institute of Standards and ...

ISO/IEC Internal Audit

ISO/IEC Internal Audit is a systematic and independent assessment of an organization's quality manag...

GDPR Requirements

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was adopte...

Cybersecurity Risk Management
Intrusion Prevention Systems (IPS)

Intrusion Prevention Systems (IPS) are a type of network security technology that are designed to de...

Cross Site Request Forgery (CSRF)

Cross Site Request Forgery (CSRF) is a type of malicious exploit of a website whereby unauthorized c...

Activity Monitors

Activity Monitors are wearable devices that track and monitor physical activity. They measure and re...