Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Building intelligent vendor risk pr...

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...
date-icon

May 29, 2024

location

Virtual

Mastering Security Compliance

On-demand Webinar

Mastering Security Compliance

Join our webinar to unlock the potential of AI-driven security compliance with 6clicks! Discover how to intelligently au...
date-icon

May 15, 2024

location

Virtual

See all webinars
{tableName=glossary, name=Asset Inventory, description= An asset inventory is a comprehensive list of all the physical and intangible assets owned by a business or individual. It includes all tangible assets such as cash, buildings, machinery, equipment, inventory, furniture, motor vehicles, and land. It also includes intangible assets such as intellectual property, copyrights, patents, trademarks, and other non-physical assets. An asset inventory also includes information on the location, condition, and estimated value of each asset. The purpose of an asset inventory is to provide a detailed record of the assets owned by a business or individual, as well as to provide a clear picture of the business’s financial status. This information can be used to make strategic decisions, plan for the future, and provide evidence of ownership in the event of a dispute or lawsuit., topic=null, hs_path=asset-inventory}--
{tableName=guides, name=UK Cyber Essentials, description= This authoritative guide provides a comprehensive overview of the UK Cyber Essentials scheme, a government-backed initiative that helps organisations protect themselves against the most common cyber threats. It covers the scheme’, topic=[{id=97620570522, createdAt=1673040885416, updatedAt=1715624535878, path='uk-cyber-essentials', name=' UK Cyber Security: Get the Essential Guide', 1='{type=string, value=UK Cyber Essentials}', 2='{type=string, value= This authoritative guide provides a comprehensive overview of the UK Cyber Essentials scheme, a government-backed initiative that helps organisations protect themselves against the most common cyber threats. It covers the scheme’}', 5='{type=string, value=This authoritative guide provides an in-depth look at the UK Cyber Essentials program, a set of security standards designed to protect organisations from cyber threats. It covers the five key areas of cyber security that organisations must adhere to in order to be certified under the program: secure configuration, boundary firewalls, access control, malware protection, and patch management. It provides a comprehensive overview of the program, including its purpose, requirements, and benefits. It also includes best practices for organisations to follow to ensure their systems are secure and compliant. Finally, it provides guidance on how to become certified under the program, as well as resources to help organisations stay up-to-date with the latest cyber security developments.}', 15='{type=list, value=[{id=97620570522, name='UK Cyber Essentials'}]}'}], hs_path=uk-cyber-essentials}--
{tableName=glossary, name=SOC 2 Controls, description= SOC 2 Controls are a set of security and privacy standards and procedures designed to protect the confidentiality, integrity, and availability of customer data. These controls are based on the AICPA's Trust Services Principles and Criteria, and are designed to help organizations protect their customer data and ensure that they are meeting their legal, regulatory, and contractual obligations. The controls cover five core areas: Security, Availability, Processing Integrity, Confidentiality, and Privacy. Organizations must demonstrate that they have implemented the necessary controls to protect customer data and meet the requirements of the Trust Services Principles and Criteria. The SOC 2 report is an independent assessment that is conducted by a third-party auditor and is used to validate an organization's compliance with the SOC 2 Controls., topic=null, hs_path=soc-2-controls}--
{tableName=comparison, name=PCI-DSS vs SOC 2, description= PCI-DSS and SOC 2 are two of the most important compliance standards for businesses. Learn the differences between them and how they can help you., topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1715624259698, path='pci-dss', name=' PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=

This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.

This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.

}', 15='{type=list, value=[{id=97620570502, name='PCI-DSS'}]}'}], hs_path=pci-dss-vs-soc-2}--
{tableName=glossary, name=ISO/IEC 27002 Security Policy, description= ISO/IEC 27002 Security Policy is a set of guidelines, procedures, and best practices that organizations use to protect their information assets. It is based on a framework of security controls that are designed to reduce the risk of unauthorized access, use, disclosure, disruption, modification, or destruction of information. The security policy outlines the organization’s security objectives and identifies the security controls that will be used to achieve those objectives. The policy also defines the roles and responsibilities of personnel involved in the security process, and outlines the procedures for responding to security incidents. ISO/IEC 27002 Security Policy provides organizations with a comprehensive approach to information security management., topic=null, hs_path=iso-iec-27002-security-policy}--
{tableName=glossary, name=ISO/IEC 27008, description= ISO/IEC 27008 is an international standard for information security management systems (ISMS) that provides guidelines for the implementation and management of security controls. It is part of the ISO/IEC 27000 family of standards and is based on the ISO/IEC 27002 code of practice for information security management. The standard provides guidance on the implementation and management of an ISMS, including the establishment of policies, objectives, and processes to ensure the security of information assets. It also outlines the roles and responsibilities of those involved in managing the ISMS, as well as the requirements for monitoring, reviewing, and improving the system. ISO/IEC 27008 is intended to help organizations protect their information assets and ensure compliance with applicable laws, regulations, and standards., topic=null, hs_path=iso-iec-27008}--

eBooks

GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...