Skip to content
🚨 Upcoming webinar: AI and the Future of GRC featuring Ant Stevens and Michael Rasmussen 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to enhance the governance of your company's cyber risk profile
On-demand Webinar

How to enhance the governance of your company's cy...

Our expert panelists Katherine Mansted from CyberXC, Peter Deans from Notwithoutrisk, and Andrew Robinson from 6clicks present their insights on cyber...

Webinars

Unlocking smart value for MSPs: Fro...

On-demand Webinar

Unlocking smart value for MSPs: From assessment to full vCISO services

Join us for a webinar designed for Managed Service Providers (MSPs) to explore how 6clicks can transform your services. ...
date-icon

Jul 17, 2024

location

Virtual

Register Now
A look behind the scenes at the GRC...

On-demand Webinar

A look behind the scenes at the GRC practices of an AI-powered GRC company

Discover the inner workings of 6clicks' Governance, Risk, and Compliance (GRC) practices with our exclusive on-demand we...
date-icon

Jul 12, 2024

location

Virtual

Register Now
IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

What are the key steps involved in the i...

The internal audit process using 6clicks involves ...

What should be included in an ISO audit ...

An ISO audit checklist for cybersecurity complianc...

{tableName=comparison, name=APRA CPS 234 vs NIST CSF, description=Compare APRA CPS 234 and NIST CSF to understand the key differences in their approaches to cybersecurity. Learn how each framework can help protect., topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1715624228283, path='apra-cps-234', name=' APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value= This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570527, name='APRA CPS 234'}]}'}], hs_path=apra-cps-234-vs-nist-cybersecurity-framework-csf}--
{tableName=glossary, name=ISO/IEC 27001 Toolkit, description= ISO/IEC 27001 Toolkit is a collection of resources and documents designed to help organizations implement an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard. It includes an ISMS manual, policies and procedures, a risk assessment template, audit checklists, and other related documents. The toolkit provides a comprehensive set of resources to help organizations design, implement, and maintain an effective ISMS that meets the requirements of the ISO/IEC 27001 standard. The toolkit also serves as a reference guide to help organizations understand the different elements of the ISO/IEC 27001 standard and how they can be implemented in practice., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-toolkit}--
{tableName=glossary, name=Operational Technology (OT), description= Operational Technology (OT) is a term used to refer to the hardware and software used to monitor and control physical devices and processes in an industrial setting. This includes programmable logic controllers (PLCs), distributed control systems (DCSs), supervisory control and data acquisition (SCADA) systems, and other industrial control systems (ICSs). OT is used in a variety of industries, including manufacturing, energy, transportation, and healthcare, to ensure the efficient and safe operation of industrial processes. OT systems are used to monitor and control physical devices such as pumps, valves, motors, and other equipment, as well as the processes that use these devices. OT systems are also used to collect data for analysis and reporting purposes, as well as for predictive maintenance. OT systems are typically connected to the Internet and other networks, allowing for remote access and control., topic=null, hs_path=operational-technology-ot}--
{tableName=glossary, name=NIST SP 800-53, description= NIST SP 800-53 is a set of security controls and guidelines developed by the National Institute of Standards and Technology (NIST). It provides a comprehensive set of security requirements for federal information systems and organizations. It is designed to help organizations protect their information systems from unauthorized access, modification, misuse, and destruction. The security controls are divided into 18 categories, with each category containing a set of security controls and associated implementation guidance. The categories include access control, audit and accountability, awareness and training, configuration management, contingency planning, identification and authentication, incident response, maintenance, media protection, physical and environmental protection, planning, personnel security, risk assessment, system and services acquisition, system and communications protection, system and information integrity, system and network security, and system and organization security. Each security control is further divided into sub-controls, with each sub-control having a set of implementation guidance and a baseline security requirement. The baseline security requirement defines the minimum level of security that must be achieved for each sub-control. NIST SP 800-53 also provides guidance on how to implement the security controls and provides a framework for developing a security program., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-sp-800-53}--
{tableName=glossary, name=Network Segmentation, description= Network segmentation is the process of dividing a computer network into smaller segments or sub-networks in order to improve network performance, reduce network congestion, and increase security. Network segmentation involves the use of various technologies such as routers, switches, firewalls, and virtual LANs (VLANs) to create multiple sub-networks within the larger network. This allows for the creation of separate, isolated networks that can be used for specific tasks or applications, while still allowing the larger network to remain connected. By segmenting a network, it is possible to control access to resources, provide enhanced security, and improve overall network performance. Additionally, segmentation can help to reduce the risk of malicious attacks, such as distributed denial of service (DDoS) attacks, by isolating the vulnerable parts of the network. Network segmentation can also be used to provide better quality of service (QoS) for certain applications or services, such as VoIP or video streaming, by reserving a portion of the network for their exclusive use., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=network-segmentation}--
{tableName=glossary, name=GDPR, description= The General Data Protection Regulation (GDPR) is an EU regulation that came into effect on May 25th, 2018. It is a comprehensive data protection law that applies to all EU Member States and sets out the principles and rights that individuals have when it comes to their personal data. The GDPR also sets out the obligations of organizations and companies that process personal data, such as obtaining consent from individuals and ensuring that their data is secure. It also requires organizations to notify individuals about how their data is being used, and to provide individuals with the right to access, rectify, erase, and restrict the processing of their data. The GDPR also provides for the right to data portability, which allows individuals to move, copy, or transfer their data between different service providers. Finally, the GDPR also provides for data protection authorities in each EU Member State to enforce the regulations and investigate potential violations., topic=null, hs_path=gdpr}--
APRA CPS 234
APRA CPS 234 vs NIST CSF

Compare APRA CPS 234 and NIST CSF to understand the key differences in their approaches to cybersecu...

ISO 27001
ISO/IEC 27001 Toolkit

ISO/IEC 27001 Toolkit is a collection of resources and documents designed to help organizations impl...

Operational Technology (OT)

Operational Technology (OT) is a term used to refer to the hardware and software used to monitor and...

NIST SP 800-53
NIST SP 800-53

NIST SP 800-53 is a set of security controls and guidelines developed by the National Institute of S...

Vulnerability Management
Network Segmentation

Network segmentation is the process of dividing a computer network into smaller segments or sub-netw...

GDPR

The General Data Protection Regulation (GDPR) is an EU regulation that came into effect on May 25th,...

eBooks

Revolutionizing GRC with AI: Harnes...

eBook

Revolutionizing GRC with AI: Harnessing the power of LLM and RAG technologies

Download
GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks