Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Information Security Controls, description= Information security controls are measures used to protect data and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. These controls can be implemented in hardware, software, network, and procedural methods. Examples of hardware controls include firewalls, intrusion detection systems, and physical access control systems. Examples of software controls include antivirus and antimalware software, encryption, and access control lists. Network controls include virtual private networks (VPNs), network segmentation, and network monitoring. Procedural controls include policies and procedures for data access and usage, user authentication, and incident response. Information security controls are essential for ensuring the confidentiality, integrity, and availability of digital data and systems., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=information-security-controls}--
{tableName=glossary, name=Risk Owner, description= Risk Owner is an individual or organization responsible for the identification, assessment, and management of risks associated with a given activity, project, or business process. The Risk Owner is responsible for monitoring and controlling the risk and for ensuring that it is mitigated or eliminated in a timely manner. The Risk Owner should have the authority to make decisions regarding the risk and should be held accountable for the results. The Risk Owner should also be able to communicate the risk to stakeholders and ensure that they understand the implications of the risk and the actions that need to be taken to reduce or eliminate it. The Risk Owner should also have the ability to define and implement risk management processes and procedures., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-owner}--
{tableName=guides, name=Australian Financial Services Compliance, description= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance., topic=[{id=97620570511, createdAt=1673040885347, updatedAt=1715624395980, path='australian-financial-services-compliance', name=' Australian Financial Services: Compliance Guide', 1='{type=string, value=Australian Financial Services Compliance}', 2='{type=string, value= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance.}', 5='{type=string, value=This guide provides an authoritative overview of the compliance requirements for financial services companies in Australia. It covers the regulations and guidelines under the Australian Securities and Investments Commission (ASIC), the Australian Prudential Regulation Authority (APRA) and other relevant legislation. It explains the obligations of financial services companies, their directors and officers, and their customers. It also provides guidance on how to meet compliance requirements, including the use of internal controls, risk management and other measures. This guide is an essential resource for anyone involved in the Australian financial services industry.}', 15='{type=list, value=[{id=97620570511, name='Australian Financial Services Compliance'}]}'}], hs_path=australian-financial-services-compliance}--
{tableName=comparison, name=SOC 2 vs PCI-DSS, description= SOC 2 and PCI-DSS are two important security standards for organizations. Learn the differences between them and how they can help you protect your data., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1715624490265, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}', 15='{type=list, value=[{id=97620570514, name='SOC 2'}]}'}], hs_path=soc-2-vs-pci-dss}--
{tableName=glossary, name=Keystroke Logging, description= Keystroke logging is a process of tracking and recording the keys that are pressed on a computer keyboard. It is a form of surveillance technology used to monitor and record all keystrokes entered on a computer or device, including usernames, passwords, and other sensitive data. Keystroke logging can be used to gather information about a user's activity and behavior, as well as to gain access to protected or confidential information. Keystroke logging is often used by employers to monitor their employees' activities and to ensure that their computers are being used for work-related activities. It can also be used by hackers to gain access to a user's personal information and to gain access to a user's system. Keystroke logging can be used to track online activity, including websites visited, emails sent, and chats conducted. Additionally, it can be used to track physical activity, such as mouse movements, and to monitor user behavior, such as how long a user is active on a website or how often a user visits a specific website. Keystroke logging can be used to detect fraud and other malicious activities, as well as to detect unauthorized access to sensitive information., topic=null, hs_path=keystroke-logging}--
{tableName=glossary, name=ISO/IEC Certifications, description= ISO/IEC certifications are a set of international standards for quality assurance and assurance of conformity. These certifications are designed to help organizations demonstrate that they have implemented processes, procedures and systems that meet the requirements of the ISO/IEC standards. ISO/IEC certifications are awarded by independent third-party organizations, such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The ISO/IEC certifications are based on a set of criteria and requirements, which are designed to ensure that organizations are able to meet the highest level of quality and safety standards. The ISO/IEC certifications are used in a wide range of industries, including manufacturing, healthcare, finance, and information technology. By obtaining ISO/IEC certifications, organizations are able to demonstrate their commitment to quality and safety, while also providing assurance to their customers that their products and services meet the highest standards., topic=null, hs_path=iso-iec-certifications}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...