Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Webinars

Building intelligent vendor risk pr...

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...
date-icon

May 29, 2024

location

Virtual

Q2 product showcase: Discover the n...

On-demand Webinar

Q2 product showcase: Discover the next wave of innovation

Join us for an exclusive webinar where our product managers unveil the latest advancements in our platform and provide i...
date-icon

Apr 17, 2024

location

Virtual

Introducing Hailey Assist: Your con...

On-demand Webinar

Introducing Hailey Assist: Your conversational AI assistant for GRC

Discover the power of Hailey Assist in our on-demand webinar. Learn how this conversational AI assistant revolutionizes ...
date-icon

Mar 28, 2024

location

Virtual

See all webinars
{tableName=glossary, name=COBIT Framework Goals, description= The COBIT Framework Goals are a set of high-level objectives that provide guidance on the desired outcomes of IT governance and management processes. They are used to define the scope of IT governance and management activities and to ensure that IT-related activities are aligned with the organization’s overall business objectives. The COBIT Framework Goals provide a comprehensive view of IT governance and management activities and are designed to enable organizations to optimize the use of IT resources to achieve their strategic objectives. The COBIT Framework Goals are divided into four domains: Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate. The Plan and Organize domain focuses on the strategic planning and organizational design of IT governance and management processes. The Acquire and Implement domain focuses on the procurement and implementation of IT systems. The Deliver and Support domain focuses on the delivery of IT services and the management of IT operations. The Monitor and Evaluate domain focuses on the monitoring and evaluation of IT performance. The COBIT Framework Goals are designed to provide organizations with a comprehensive view of IT governance and management activities and to ensure that IT-related activities are aligned with the organization’s overall business objectives., topic=null, hs_path=cobit-framework-goals}--
{tableName=glossary, name=Zero Day, description= Zero Day: A zero-day (also known as a zero-hour or zero-minute) vulnerability is a computer security vulnerability that is unknown to those who would be interested in mitigating the vulnerability (including the vendor of the target system). It is usually discovered by an independent security researcher or hacker and then made public, sometimes with working exploits. These vulnerabilities are extremely dangerous because they can be used by malicious actors to gain unauthorized access to a system or network, allowing them to steal data, install malware, or even take control of the system. Zero-day vulnerabilities are difficult to protect against because they are unknown to the target system's vendor, leaving the system vulnerable until a patch is released., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=zero-day}--
{tableName=glossary, name=Governance Risk & Compliance (GRC) Software, description= Governance, Risk & Compliance (GRC) Software is a type of software that provides organizations with a comprehensive set of tools to effectively manage their risk and compliance obligations. GRC Software helps organizations identify, assess, monitor, and manage their risks and compliance obligations in a systematic and organized manner. It can also provide organizations with a clear view of their current risk and compliance posture, as well as the ability to detect and respond to potential risks and compliance issues. GRC Software typically includes features such as risk assessment, audit management, policy management, and reporting. GRC Software can be used to ensure that organizations are meeting their legal, regulatory, and internal requirements, as well as helping them to identify and mitigate potential risks before they become problems. GRC Software is essential for organizations to ensure that they are compliant with applicable laws and regulations, as well as to protect their reputation and assets., topic=null, hs_path=governance-risk-compliance-grc-software}--
{tableName=glossary, name=Logic Bomb, description= A logic bomb is a malicious piece of code that is designed to cause damage to a computer system or disrupt its normal operations. It is usually triggered by a specific event or set of conditions, such as a specific date, a particular user action, or the passing of a certain amount of time. Once triggered, the logic bomb can delete data, corrupt files, or cause the system to crash. In some cases, logic bombs can even be used to spread malicious software to other systems. Logic bombs are usually created by skilled hackers or malicious software developers, and are usually difficult to detect and defend against., topic=null, hs_path=logic-bomb}--
{tableName=glossary, name=Discretionary Access Control (DAC), description= Discretionary Access Control (DAC) is a type of access control in which a user's access to a system or resource is based upon the user's individual identity. This type of access control allows the user to make decisions about who can access the system or resource, and what type of access they can have. DAC is based on the principle of least privilege, which means that a user is only allowed access to the minimum amount of resources necessary to perform their job. The user is also responsible for managing the access rights of other users. DAC is commonly used in operating systems, databases, networks, and other computer systems. It is also used in physical security systems, such as door locks, to control access to restricted areas., topic=null, hs_path=discretionary-access-control-dac}--
{tableName=guides, name=CMMC, description= This authoritative guide provides an in-depth look at the Cybersecurity Maturity Model Certification (CMMC) certification process. It covers the different levels of certification, the requirements for each level,, topic=[{id=101262800501, createdAt=1673586997136, updatedAt=1715624211458, path='cmmc', name=' Cybersecurity: CMMC Certification Guide', 1='{type=string, value=CMMC}', 2='{type=string, value= This authoritative guide provides an in-depth look at the Cybersecurity Maturity Model Certification (CMMC) certification process. It covers the different levels of certification, the requirements for each level,}', 5='{type=string, value=This guide provides an authoritative overview of the Cybersecurity Maturity Model Certification (CMMC) program. It explains the five levels of CMMC, the requirements for each level, and the steps organizations can take to become certified. It also provides a detailed overview of the certification process, the benefits of certification, and the resources available to organizations seeking certification. Finally, the guide provides best practices for implementing and maintaining cybersecurity standards, as well as guidance on how to prepare for a CMMC audit. This guide is an essential resource for organizations looking to protect their data and systems from cyber threats.}', 15='{type=list, value=[{id=101262800501, name='CMMC'}]}'}], hs_path=cmmc}--

eBooks

GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...