Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Mandatory Access Control (MAC), description= Mandatory Access Control (MAC) is an access control system that requires users to be explicitly identified and authorized before they can access any resources or information. It is a type of access control system that is enforced by a centralized authority, such as a system administrator, and is based on the classification and labeling of resources. MAC is a type of access control system that is based on a set of predetermined rules, rather than user-defined rules, and is typically used in highly secure environments, such as government or military networks. MAC prevents users from accessing resources or information that they are not authorized to access, and is often used in conjunction with other access control systems, such as Discretionary Access Control (DAC) or Role-Based Access Control (RBAC)., topic=null, hs_path=mandatory-access-control-mac}--
{tableName=comparison, name=ISO 27001 vs ASD Essential 8, description= ISO 27001 and ASD Essential 8 are two popular frameworks for protecting information and systems. Learn about the key differences and how to use them together., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-27001-vs-asd-essential-8}--
{tableName=glossary, name=ReDACtion, description= ReDACtion (noun): The process of reducing a piece of writing, such as a book, article, or essay, in order to make it more concise and easier to read. This process often involves removing redundant or unnecessary information, reorganizing the structure of the piece, and replacing complex words with simpler ones. ReDACtion is often used to make a piece of writing more accessible to a wider audience or to make it easier to understand., topic=null, hs_path=redaction}--
{tableName=glossary, name=Attack Surface, description= Attack Surface is the total sum of potential points of attack in a system, network, or application. It is the combination of hardware, software, and network configurations that can be targeted by an attacker. It includes all the services, ports, protocols, user interfaces, authentication mechanisms, and other components that are exposed to the outside world. Attack Surface can also be defined as the sum of all the vulnerabilities that exist in a system, network, or application. A large attack surface can increase the chances of a successful attack, as it provides more potential points of entry for an attacker. Therefore, reducing the attack surface of a system or application is an important part of any security strategy., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=attack-surface}--
{tableName=glossary, name=ISO/IEC Standards List, description= ISO/IEC Standards List is an international standard-setting body composed of representatives from various national standards organizations. It develops and publishes international standards for information technology and communications technologies, including software, computer hardware, and telecommunications. These standards are intended to ensure interoperability and compatibility between different systems, products, and services, and to ensure that information can be exchanged securely and reliably. The standards are developed through a consensus-based process involving experts from around the world. The standards are updated regularly to keep pace with technological advancements and changing needs., topic=null, hs_path=iso-iec-standards-list}--
{tableName=glossary, name=Essential 8 Maturity Model, description= The Essential 8 Maturity Model is a framework for organizations to use to assess and measure their cybersecurity maturity. It is based on eight key areas of security that organizations should focus on in order to reduce the risk of a successful cyber attack. The eight areas are: Patch Management, Application Whitelisting, Controlled Use of Administrative Privileges, Secure Configuration, Account Monitoring and Control, Data Protection, Malware Defense, and Application Control. Each of these areas is broken down into specific security controls that organizations should implement in order to improve their cybersecurity posture. The model also provides guidance on how to measure the maturity of each of the areas, allowing organizations to track their progress over time. The Essential 8 Maturity Model enables organizations to develop an effective, comprehensive cybersecurity strategy and to prioritize their security investments., topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1685498674506, path='asd-essential-8', name=' ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}'}], hs_path=essential-8-maturity-model}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...