Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to implement an ISMS in 6clicks
On-demand Webinar

How to implement an ISMS in 6clicks

Join us for a live demo with our CSO, Andrew Robinson, as he showcases how our platform can simplify your ISMS implementation..

On-Demand Webinar

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=guides, name=NIST SP 800-53, description= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST, topic=null, hs_path=nist-sp-800-53}--
{tableName=glossary, name=Insider Threat Actors, description= The Insider Threat Actors are individuals within an organization that have access to sensitive information or systems that could be used to cause harm to the organization. These individuals may be malicious or accidental in their actions, but their actions can lead to data breaches, theft of intellectual property, or other security incidents. Insider threat actors can be current or former employees, contractors, vendors, or other third parties with access to the organization's networks or data. They can be malicious actors who deliberately use their access to gain unauthorized access to sensitive information or systems, or they can be accidental actors who unintentionally expose the organization to risk by not following security policies or procedures. Insider threat actors can also be malicious actors who use their access to steal intellectual property or other valuable assets. The goal of the Insider Threat Actors is to gain unauthorized access to sensitive information or systems, or to steal valuable assets from the organization., topic=null, hs_path=insider-threat-actors}--
{tableName=glossary, name=Attribute, description= Attribute: A characteristic or quality of a person, place, or thing that is used to describe or identify it. Attributes can be physical (such as height, weight, eye color, etc.), mental (such as intelligence, creativity, etc.), or emotional (such as kindness, empathy, etc.). Attributes can also refer to the qualities of an object or concept (such as size, shape, color, etc.). Attributes are used to describe or identify something, and can be used to make comparisons and judgments., topic=null, hs_path=attribute}--
{tableName=comparison, name=APRA CPS 234 vs SOC 2, description=APRA CPS 234 and SOC 2 are two frameworks for assessing and managing cyber security risks. Learn the differences between these two security standards., topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1683947990333, path='apra-cps-234', name=' APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value= This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=apra-cps-234-vs-soc-2}--
{tableName=glossary, name=NIST Cybersecurity Standards, description= NIST Cybersecurity Standards are a set of standards and guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations protect their information and systems from cyber security threats. The NIST Cybersecurity Framework (CSF) is the primary set of standards, which provides a comprehensive approach to managing and protecting an organization’s data and assets. The CSF is divided into five core functions: Identify, Protect, Detect, Respond, and Recover. Each of these functions is further divided into categories and subcategories, each of which contains a set of security controls and best practices. The NIST Cybersecurity Framework is intended to help organizations identify, assess, and manage risks associated with cyber threats, and to develop and implement a robust security program that meets the organization’s specific needs. In addition to the CSF, NIST also provides additional guidance, tools, and resources to help organizations implement and maintain a secure environment., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1683947893762, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}'}], hs_path=nist-cybersecurity-standards}--
{tableName=glossary, name=Cyber-Risk Quantification, description= Cyber-Risk Quantification is a process of assessing the potential risks associated with a company’s digital assets, networks, and data. This process involves evaluating the likelihood of a cyber-attack or data breach, the potential financial, operational, and reputational losses that may result from such an attack, and the cost of implementing measures to mitigate the risk. Cyber-Risk Quantification also includes the identification and assessment of the vulnerabilities that could lead to a successful attack, the likelihood of a successful attack, and the potential damage that could be done by a successful attack. Cyber-Risk Quantification is an essential part of any company’s risk management strategy, and it helps organizations to identify and prioritize the risks they face, understand the threats they face, and make informed decisions about how to protect their digital assets, networks, and data., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=cyber-risk-quantification}--
NIST SP 800-53

This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control frame...

Insider Threat Actors

The Insider Threat Actors are individuals within an organization that have access to sensitive infor...

Attribute

Attribute: A characteristic or quality of a person, place, or thing that is used to describe or iden...

APRA CPS 234
APRA CPS 234 vs SOC 2

APRA CPS 234 and SOC 2 are two frameworks for assessing and managing cyber security risks. Learn the...

NIST Cybersecurity Framework (CSF)
NIST Cybersecurity Standards

NIST Cybersecurity Standards are a set of standards and guidelines developed by the National Institu...

Vulnerability Management
Cyber-Risk Quantification

Cyber-Risk Quantification is a process of assessing the potential risks associated with a company’s ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks