Skip to content
🚨 6clicks is proud to be recognized as a Cool Vendor in the 2024 Gartner® Cool Vendors™ in Third-Party Risk Management Report!🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Eliminate GRC Reporting Nightmares
On-demand Webinar

Eliminate GRC Reporting Nightmares

Learn how to streamline GRC reporting and eliminate nightmares in our on-demand webinar, 'Eliminate GRC Reporting Nightmares.' Gain insights into effi...

Webinars

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

Register Now
6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

Register Now
Q3 product showcase: Continuous Con...

On-demand Webinar

Q3 product showcase: Continuous Control Monitoring, Developer API, and more

Join our webinar for CISOs, risk and compliance professionals, and security teams to explore the latest 6clicks features...
date-icon

Aug 22, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

Information Security Registered Assessors Program (IRAP)

What is the information security registe...

What is IRAP? The Information Security Registered ...

Defence Industry Security Program (DISP)

What are the 5 levels of security cleara...

What is security clearance? Security clearance is ...

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

{tableName=glossary, name=Crimeware, description= Crimeware is malicious software (malware) designed to facilitate cybercrime. It is typically used by cybercriminals to gain unauthorized access to computer systems, steal confidential data, and/or extort money from victims. Crimeware can take many forms, including viruses, worms, Trojans, ransomware, spyware, and rootkits. It is often spread through phishing emails, malicious websites, and drive-by downloads. Crimeware is often used to steal financial information such as banking credentials, credit card numbers, and passwords, as well as confidential data such as trade secrets, medical records, and personal information. Crimeware can also be used to launch distributed denial-of-service (DDoS) attacks and to infect computers with ransomware, which locks users out of their systems until a ransom is paid. Crimeware is a major threat to individuals, businesses, and governments, and it is becoming increasingly sophisticated and difficult to detect., topic=null, hs_path=crimeware}--
{tableName=glossary, name=GDPR Requirements, description= The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was adopted by the European Union (EU) in April 2016. It is designed to strengthen and unify data protection for individuals within the EU, while also giving individuals greater control over their personal data. The GDPR requirements apply to any organisation, regardless of size or location, that processes the personal data of individuals in the EU. This includes organisations that process data for marketing purposes, as well as those that process data for other purposes such as employee data, customer data, and health data. The GDPR requires organisations to be transparent about how they collect, use, store, and delete personal data, and to ensure that all personal data is processed in a secure and lawful manner. It also requires organisations to provide individuals with the right to access, rectify, erase, or restrict the processing of their personal data, as well as the right to data portability. Additionally, organisations must notify individuals of any data breaches that occur, and must obtain consent from individuals before processing their personal data. Finally, the GDPR requires organisations to appoint a data protection officer and to conduct data protection impact assessments prior to processing any personal data., topic=null, hs_path=gdpr-requirements}--
{tableName=glossary, name=ISO/IEC 27004, description= ISO/IEC 27004 is an international standard that provides guidance for the effective and efficient implementation of a measurement program for the management of information and communication technology (ICT) services. It outlines the principles, processes, and techniques for measuring and managing the quality of ICT services. This standard is applicable to all organizations, regardless of size, industry, or geographic location. It is intended to be used in conjunction with other standards, such as ISO/IEC 20000 and ISO/IEC 27001. The standard provides guidance on the selection, implementation, and maintenance of a measurement program, as well as the measurement of ICT service quality. It also outlines the criteria and methods for assessing the effectiveness of the measurement program. ISO/IEC 27004 provides guidance on the use of metrics and indicators to measure the quality of ICT services, as well as the interpretation and use of the results. In addition, it outlines the requirements for reporting and documenting the results of the measurement program., topic=null, hs_path=iso-iec-27004}--
{tableName=glossary, name=Enterprise Architecture, description= Enterprise Architecture (EA) is an integrated framework that defines the structure, processes, and systems of an organization, along with the relationships between them. It is a comprehensive approach to designing, planning, and implementing the technology, processes, and resources of an organization in order to meet its business objectives. EA also helps organizations to align their strategies and objectives with their technology investments in order to create value, reduce costs, and improve efficiency. It is a comprehensive blueprint of an organization's IT infrastructure and its alignment with the business strategy. It is designed to provide a holistic view of the organization's IT systems and their relationships to the organization's goals, objectives, and strategies. EA also helps organizations to identify and address potential risks and opportunities associated with their IT investments. It is an evolving discipline that includes the understanding of the organization's current and future business needs and the development of a comprehensive roadmap to achieve those goals., topic=null, hs_path=enterprise-architecture}--
{tableName=glossary, name=Information Security Assessment, description= An information security assessment is a comprehensive evaluation of an organization's ability to protect its information assets and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. It involves analyzing the organization's current security controls, policies, and procedures to identify any weaknesses or gaps in security that could potentially lead to a security breach. The assessment also includes an evaluation of the organization's ability to respond to and recover from a security incident. The goal of an information security assessment is to provide organizations with an accurate picture of their security posture and to identify areas of improvement that can be addressed to better protect their information assets and systems., topic=[{id=97620570504, createdAt=1673040885302, updatedAt=1715750255339, path='information-security-management-system', name=' ISMS Guide: Info Security Mgmt System Overview', 1='{type=string, value=Information Security Management System (ISMS)}', 2='{type=string, value= This authoritative guide provides a comprehensive overview of Information Security Management Systems (ISMS). It covers the fundamentals of ISMS, as well as best practices for implementing an effective ISMS. It also}', 5='{type=string, value=This guide provides a comprehensive overview of Information Security Management Systems (ISMS), which are designed to protect organizations from the risks for which information security, cybersecurity and privacy protection are required. It covers the fundamentals of ISMS, including the components of an ISMS, the process of implementing an ISMS, and the various requirements and standards associated with ISMS. It also covers the different types of security threats, the best practices for mitigating them, and the importance of having a robust ISMS in place. Finally, this guide provides practical advice on how to design and implement an effective ISMS, as well as how to maintain it over time. With this guide, readers will gain a deeper understanding of how to protect their organizations from cyber threats and ensure their data is secure.}', 15='{type=list, value=[{id=97620570504, name='Information Security Management System (ISMS)'}]}'}], hs_path=information-security-assessment}--
{tableName=comparison, name=GDPR vs NIST SP 800-53, description=GDPR and NIST SP 800-53 are two of the most important regulations for data privacy and security. Learn more about the differences between., topic=[{id=97620570523, createdAt=1673040885422, updatedAt=1715624542336, path='gdpr', name=' GDPR: A Comprehensive Guide to Compliance', 1='{type=string, value=GDPR}', 2='{type=string, value= This GDPR Guide provides an authoritative overview of the General Data Protection Regulation (GDPR) and how it affects businesses and organizations. It outlines the key principles of the GDPR and provides an}', 5='{type=string, value=This GDPR Guide provides a comprehensive overview of the European Union's General Data Protection Regulation (GDPR). It covers the full scope of the GDPR, including its purpose, scope, definitions, principles, rights, obligations, enforcement, and more. It also provides practical advice on how to comply with the GDPR, including best practices for data protection, data security, and data management. This guide is an essential resource for any organization that collects, stores, or processes personal data.}', 15='{type=list, value=[{id=97620570523, name='GDPR'}]}'}], hs_path=gdpr-vs-nist-sp-800-53}--
Crimeware

Crimeware is malicious software (malware) designed to facilitate cybercrime. It is typically used by...

GDPR Requirements

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was adopte...

ISO/IEC 27004

ISO/IEC 27004 is an international standard that provides guidance for the effective and efficient im...

Enterprise Architecture

Enterprise Architecture (EA) is an integrated framework that defines the structure, processes, and s...

Information Security Management System (ISMS)
Information Security Assessment

An information security assessment is a comprehensive evaluation of an organization's ability to pro...

GDPR
GDPR vs NIST SP 800-53

GDPR and NIST SP 800-53 are two of the most important regulations for data privacy and security. Lea...