Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinar

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Compliance Management, description= Compliance Management is the practice of ensuring that an organization is adhering to all applicable laws, regulations, standards, and ethical practices. It involves developing and implementing policies and procedures to ensure that the organization is in compliance with applicable laws, regulations, standards, and ethical practices. It also involves monitoring and enforcing the policies and procedures, conducting regular audits and reviews, and providing training and guidance to employees to ensure that they are in compliance. Compliance Management is an important part of any organization's overall risk management strategy and helps to ensure that the organization is operating in a safe and compliant manner., topic=null, hs_path=compliance-management}--
{tableName=glossary, name=Incident Response Tools, description= Incident Response Tools are software programs and applications that are designed to help organizations detect, investigate, analyze, and respond to cyber security incidents. These tools allow organizations to quickly identify and assess the scope of a security incident, as well as to develop and implement a response plan. Incident Response Tools typically include features such as network and host-based intrusion detection, log analysis, malware analysis, security incident correlation, and incident response automation. These tools can also enable organizations to quickly identify and assess the scope of a security incident, as well as to develop and implement a response plan. Additionally, Incident Response Tools can help organizations maintain compliance with industry standards, such as the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA)., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=incident-response-tools}--
{tableName=comparison, name=NIST SP 800-53 vs NIST CSF, description=NIST SP 800-53 and NIST Cybersecurity Framework (CSF) are two frameworks for managing cybersecurity risk. Learn the differences between the two., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1683947942816, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}'}], hs_path=nist-sp-800-53-vs-nist-cybersecurity-framework-csf}--
{tableName=glossary, name=ISO/IEC Data Center, description= ISO/IEC Data Center is a facility that houses computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g. air conditioning, fire suppression) and various security devices. The main purpose of a data center is to process, store, and distribute large amounts of data. Data centers are typically used by large organizations and businesses to store and process their data, including financial records, customer data, and other confidential information. ISO/IEC Data Centers are designed to adhere to the ISO/IEC standards for data center design, operation, and management. These standards provide guidelines for data center design, operation, and management that ensure the highest levels of reliability, availability, security, and performance. These standards also provide guidance on how to minimize the risk of data loss or corruption, and how to efficiently and securely manage and store data., topic=null, hs_path=iso-iec-data-center}--
{tableName=glossary, name=GDPR Risk Assessment, description= GDPR Risk Assessment is a comprehensive, systematic and documented process of evaluating the potential risks associated with the collection, storage, and processing of personal data under the General Data Protection Regulation (GDPR). This assessment is designed to identify, analyze, and document any risks to the privacy and security of personal data that may exist within a company's data processing activities. The assessment also includes an evaluation of the measures taken to mitigate or eliminate any identified risks. The GDPR Risk Assessment should be conducted by a qualified professional and should include the following steps: (1) Identifying the data processing activities that are subject to the GDPR; (2) Identifying any potential risks associated with the data processing activities; (3) Evaluating the measures taken to mitigate or eliminate the identified risks; (4) Documenting the assessment findings; and (5) Developing a plan of action to address any remaining risks. The GDPR Risk Assessment should be reviewed and updated regularly to ensure that any changes in the data processing activities are taken into account and that any new risks are identified and addressed., topic=null, hs_path=gdpr-risk-assessment}--
{tableName=glossary, name=Operational Risk Management (ORM), description= Operational Risk Management (ORM) is the process of identifying, assessing, and mitigating risks that can arise from the operations of an organization. It is an important part of an organization’s overall risk management strategy, and involves the identification, evaluation, and control of risks that can arise from the organization’s operations. ORM is a proactive approach to managing risks and encompasses a wide range of activities, including risk identification and assessment, risk control and monitoring, and risk response and recovery. ORM also involves the development and implementation of policies, procedures, and systems to effectively manage operational risks. The goal of ORM is to ensure that the organization’s operations remain safe, secure, and efficient, while minimizing losses and maximizing returns. ORM is a continuous process that requires ongoing monitoring and review to ensure that risks are identified and addressed in a timely and effective manner., topic=null, hs_path=operational-risk-management-orm}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...