Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Delivering Hub & Spoke GRC in Distributed & Autonomous Business
On-demand Webinar

Delivering Hub & Spoke GRC in Distributed &...

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and is ready to share his findings....

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Watering Hole Attack, description= A watering hole attack is a type of cyber attack that targets a specific group of users by compromising a website that they are known to visit. The attacker will infect the website with malicious code, such as malware, that can be used to gain access to the user's computer or network. The malicious code can be used to steal user data, install ransomware, or even launch further attacks. In some cases, the attacker may use the website to spread their malicious code to other users. Watering hole attacks can be difficult to detect and prevent, and they can be used to target specific individuals, organizations, or even entire countries., topic=null, hs_path=watering-hole-attack}--
{tableName=glossary, name=Cloud Security, description= Cloud Security is the process of protecting data, applications, and infrastructure that are stored in the cloud from unauthorized access, misuse, and data loss. This involves the use of various security measures such as encryption, authentication, access control, and monitoring to ensure that data stored in the cloud is secure. Cloud security also involves the implementation of policies and procedures to ensure that cloud-based services are being used in a secure and compliant manner. Cloud security is an important part of any organization’s overall security strategy, as it can help protect sensitive data and applications from malicious threats and unauthorized access., topic=null, hs_path=cloud-security}--
{tableName=glossary, name=ISO/IEC 27002 Benefits, description= ISO/IEC 27002 Benefits is a set of information security management best practices that provide organizations with a framework for developing, implementing, managing and maintaining an effective security management system. This framework is based on the ISO/IEC 27002 standard, which is an internationally recognized standard for information security management. ISO/IEC 27002 Benefits provides organizations with a comprehensive set of security controls that are tailored to the specific needs and objectives of the organization. These controls are designed to protect the organization’s information assets, such as its networks, systems and data, from unauthorized access, use, modification, disclosure, or destruction. Additionally, ISO/IEC 27002 Benefits helps organizations create a culture of security awareness by providing guidance on how to develop, implement and maintain an effective security management system. This includes guidance on security policies and procedures, security risk management, security training and education, and incident response. Ultimately, ISO/IEC 27002 Benefits enables organizations to protect their information assets and maintain a secure environment for their staff, customers and partners., topic=null, hs_path=iso-iec-27002-benefits}--
{tableName=glossary, name=Crimeware, description= Crimeware is malicious software (malware) designed to facilitate cybercrime. It is typically used by cybercriminals to gain unauthorized access to computer systems, steal confidential data, and/or extort money from victims. Crimeware can take many forms, including viruses, worms, Trojans, ransomware, spyware, and rootkits. It is often spread through phishing emails, malicious websites, and drive-by downloads. Crimeware is often used to steal financial information such as banking credentials, credit card numbers, and passwords, as well as confidential data such as trade secrets, medical records, and personal information. Crimeware can also be used to launch distributed denial-of-service (DDoS) attacks and to infect computers with ransomware, which locks users out of their systems until a ransom is paid. Crimeware is a major threat to individuals, businesses, and governments, and it is becoming increasingly sophisticated and difficult to detect., topic=null, hs_path=crimeware}--
{tableName=glossary, name=Hacker, description= A hacker is an individual who uses their technical knowledge to gain unauthorized access to computer systems, networks, or other digital resources. They may use their skills to explore and manipulate a system, or to gain access to data or information that is not intended to be publicly available. Hackers are not necessarily malicious, and may use their technical knowledge to find vulnerabilities in systems and networks and report them to the appropriate authorities. Hackers may also use their skills to create beneficial applications and products, such as software and websites., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=hacker}--
{tableName=guides, name=NIST SP 800-171, description= This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. Learn about the security, topic=null, hs_path=nist-sp-800-171}--
Watering Hole Attack

A watering hole attack is a type of cyber attack that targets a specific group of users by compromis...

Cloud Security

Cloud Security is the process of protecting data, applications, and infrastructure that are stored i...

ISO/IEC 27002 Benefits

ISO/IEC 27002 Benefits is a set of information security management best practices that provide organ...

Crimeware

Crimeware is malicious software (malware) designed to facilitate cybercrime. It is typically used by...

Vulnerability Management
Hacker

A hacker is an individual who uses their technical knowledge to gain unauthorized access to computer...

NIST SP 800-171

This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controll...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks