Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Date: Jan 1, 2023

Location: Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Date: Jan 3, 2023

Location: Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Date: Jan 5, 2023

Location: Virtual

Glossary

Money Laundering

Money Laundering is the process of disguising illegally obtained funds so they appear to have been obtained from a legitimate source. It is typically done by transferring the money through a series of transactions and/or accounts to hide its origin. Common techniques used to launder money include structuring, smurfing, layering, and using offshore accounts. Money laundering is a crime in many countries and is used to finance activities such as drug trafficking, terrorism, and organized crime. Money laundering can also be used to hide illegal profits from legitimate businesses, such as tax evasion and embezzlement.

Glossary

Operational Risk

Operational risk is the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events. It encompasses a wide range of risks including strategic, compliance, reputational, financial, IT, and physical risks. This includes risks associated with legal and regulatory compliance, financial losses, reputational damage, IT security breaches, and physical risks such as natural disasters. Operational risk management is the process of identifying, assessing, and mitigating operational risks in order to protect an organization’s assets and operations. This involves the development of policies and procedures, the implementation of risk management systems, and the monitoring of operational risks. Operational risk management is an essential component of any successful business, as it helps to ensure the safety and security of an organization’s resources and operations.

Comparison

ISO 27001 vs NIST CSF

Compare the ISO 27001 and NIST Cybersecurity Framework (CSF) standards and learn how they can help protect your data and systems.

Related guide: ISO 27001 Guide: A Comprehensive Guide

This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

Glossary

NIST Controls

NIST Controls are a set of security guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations protect their information systems, networks, and data. They provide a comprehensive framework of security requirements and best practices that organizations can use to protect their systems and data from malicious attacks, unauthorized access, and other cyber threats. NIST Controls are based on the NIST Cybersecurity Framework, which outlines five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a comprehensive approach to cybersecurity, helping organizations identify vulnerabilities and threats, develop appropriate security measures, detect and respond to incidents, and recover from them. NIST Controls also provide guidance on implementing security controls, including technical, administrative, and physical security measures.

Related guide: NIST Cybersecurity Framework: A Comprehensive Guide

A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve

This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats.

The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.

Glossary

Information Security Governance Benefits

Information security governance benefits refer to the advantages that organizations gain from implementing a comprehensive information security governance program. This program is designed to ensure that information security policies, procedures, and controls are in place to protect the confidentiality, integrity, and availability of an organization's information assets. The benefits of information security governance include improved risk management, better compliance with applicable laws and regulations, enhanced customer trust, improved operational efficiency, and improved employee morale. Additionally, an effective information security governance program can help an organization to identify and address potential security vulnerabilities, protect its information assets from unauthorized access, and reduce the costs associated with data breaches. Furthermore, an effective information security governance program can help to ensure that the organization is prepared to respond quickly and effectively to any security incidents that may occur.

Glossary

Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a standard for measuring and rating the severity of computer system security vulnerabilities. It is a numerical score ranging from 0 to 10, with 10 being the most severe. CVSS is used to compare the severity of different vulnerabilities and prioritize remediation efforts. It considers factors such as the complexity of the attack, the type of attack, the impact of the attack, the privileges needed to exploit the vulnerability, and the availability of the exploit. CVSS is designed to be vendor-neutral, so it can be used to evaluate vulnerabilities in any type of system or application. The CVSS score provides a consistent way to communicate the severity of a vulnerability, making it easier to compare and prioritize different vulnerabilities.

Related guide: Vuln Mgmt Guide: Learn to Protect Your Business

Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!

This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs.

By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...