Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Cyber Threat Intelligence and AI-Driven GRC: Your Cybersecurity Solution
On-demand Webinar

Cyber Threat Intelligence and AI-Driven GRC: Your ...

Join industry experts Dr. Heather Buker - Chief Technology Officer, 6clicks and Karla Reffold, General Manager, Orpheus Cyber as they delve into how o...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=guides, name=Compliance Management, description=This guide provides an overview of the regulations and compliance requirements for businesses in the US, UK, AU and EU. Learn how to stay compliant and protect your business from potential legal issues., topic=null, hs_path=regulatory-compliance}--
{tableName=glossary, name=DOS Attack, description= A DOS attack (denial of service attack) is a malicious attempt to make a computer or network resource unavailable to its intended users. It typically involves flooding the target machine or network with useless requests in an attempt to overload the system and prevent legitimate requests from being processed. The goal of a DOS attack is to disrupt the normal functioning of a system, usually by temporarily or indefinitely disabling the service or resource. The most common type of DOS attack is the distributed denial of service (DDoS) attack, which is launched from multiple compromised systems. Other types of DOS attacks include ping flood, SYN flood, and teardrop attack. All DOS attacks are illegal and punishable by law., topic=null, hs_path=dos-attack}--
{tableName=glossary, name=Business Resilience, description= Business resilience is the ability of an organization to anticipate, prepare for, respond to, and recover from disruptions while maintaining continuous operations and safeguarding people, assets, and operations. It is the capacity to withstand and quickly recover from any kind of disruption, such as natural disasters, cyber-attacks, supply chain disruptions, or financial losses. Business resilience involves having the right strategies, processes, and systems in place to ensure a quick response to any kind of disruption. This includes having a well-defined plan of action, a well-trained and informed workforce, and the right technology and tools to help manage the situation. Business resilience also involves having the right resources to help the organization get back on its feet, such as financial resources, insurance, and the right partnerships and collaborations. Business resilience is an essential part of any organization’s risk management strategy and is key to its long-term success., topic=null, hs_path=business-resilience}--
{tableName=glossary, name=Incident Management Framework, description= Incident Management Framework is a set of processes, procedures, and systems that organizations use to manage and respond to incidents. It is an organized approach to addressing and resolving incidents quickly and efficiently. The framework typically includes the following components: incident identification, incident classification, incident response, incident resolution, and incident reporting. The goal of an incident management framework is to ensure that incidents are handled in a timely, consistent, and effective manner. It also helps to ensure that the organization is prepared to handle any potential incidents that may arise. This framework can help organizations to reduce the amount of time and resources required to respond to incidents, as well as to improve the organization's overall security posture., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=incident-management-framework}--
{tableName=glossary, name=Risk Reduction, description= Risk Reduction is a process that seeks to reduce the probability and/or impact of an adverse event or outcome. It involves identifying risks and then taking steps to reduce or eliminate them. Risk reduction can be achieved through a variety of strategies, including avoidance, control, transfer, and/or acceptance. Avoidance means eliminating or avoiding the risk altogether. Control involves taking steps to reduce the likelihood of the risk occurring or the severity of its consequences. Transferring the risk involves transferring the responsibility for dealing with the risk to another party. Finally, risk acceptance means accepting the risk and its consequences and taking steps to minimize their impact. Risk reduction is an important component of any successful risk management program., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1683947919413, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}'}], hs_path=risk-reduction}--
{tableName=glossary, name=Cybersecurity Credentials, description= Cybersecurity credentials are a set of qualifications and certifications that a person or organization holds to demonstrate their knowledge and proficiency in the field of cybersecurity. These credentials may include certifications from industry-recognized organizations such as the International Information Systems Security Certification Consortium (ISC2), the Computing Technology Industry Association (CompTIA), the Certified Information Systems Security Professional (CISSP), and the Information Systems Audit and Control Association (ISACA). Cybersecurity credentials also may include certifications from universities and other educational institutions, as well as certifications from government agencies like the National Security Agency (NSA). Cybersecurity credentials are important for both individuals and organizations, as they demonstrate the expertise and knowledge of the holder in the field of cybersecurity and provide assurance that the holder is up-to-date on the latest security practices and technologies., topic=null, hs_path=cybersecurity-credentials}--
Compliance Management

This guide provides an overview of the regulations and compliance requirements for businesses in the...

DOS Attack

A DOS attack (denial of service attack) is a malicious attempt to make a computer or network resourc...

Business Resilience

Business resilience is the ability of an organization to anticipate, prepare for, respond to, and re...

Cybersecurity Risk Management
Incident Management Framework

Incident Management Framework is a set of processes, procedures, and systems that organizations use ...

Enterprise Risk Management
Risk Reduction

Risk Reduction is a process that seeks to reduce the probability and/or impact of an adverse event o...

Cybersecurity Credentials

Cybersecurity credentials are a set of qualifications and certifications that a person or organizati...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks