Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinar

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Active Attack, description= An active attack is a type of cyber attack that attempts to alter, delete, or disrupt the availability of a computer system or its data. This type of attack is malicious in nature and is carried out by a hacker or group of hackers, who are often referred to as black hat hackers. Active attacks are different from passive attacks in that they involve direct manipulation of the system, such as exploiting vulnerabilities, rather than passively gathering information. These attacks can include denial of service attacks, malicious code injection, unauthorized access, and data manipulation. Active attacks are more difficult to detect and prevent than passive attacks, as they require more sophisticated techniques to be successful., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=active-attack}--
{tableName=glossary, name=Information Security Governance Benefits, description= Information security governance benefits refer to the advantages that organizations gain from implementing a comprehensive information security governance program. This program is designed to ensure that information security policies, procedures, and controls are in place to protect the confidentiality, integrity, and availability of an organization's information assets. The benefits of information security governance include improved risk management, better compliance with applicable laws and regulations, enhanced customer trust, improved operational efficiency, and improved employee morale. Additionally, an effective information security governance program can help an organization to identify and address potential security vulnerabilities, protect its information assets from unauthorized access, and reduce the costs associated with data breaches. Furthermore, an effective information security governance program can help to ensure that the organization is prepared to respond quickly and effectively to any security incidents that may occur., topic=null, hs_path=information-security-governance-benefits}--
{tableName=glossary, name=Computer Security Threats, description= Computer security threats are malicious attempts by individuals or organizations to gain unauthorized access to a computer system, network, or data. These threats can take many forms, including viruses, malware, phishing, and social engineering. They can be used to steal data, damage systems, or disrupt operations. Computer security threats can have a wide range of impacts, from minor inconveniences to devastating losses of data and financial losses. To protect against these threats, organizations must employ a variety of security measures, including firewalls, antivirus software, patch management, and user education., topic=null, hs_path=computer-security-threats}--
{tableName=glossary, name=Information Security Risk Management, description= Information Security Risk Management is the process of identifying, assessing, and controlling risks associated with the use of information systems. It involves analyzing the potential risks associated with the use of information systems, developing strategies to manage those risks, and implementing measures to protect the security of the information systems. Risk management includes assessing the likelihood of a security breach, evaluating the potential consequences of such a breach, and formulating a plan of action to reduce the risks. It also involves developing policies and procedures to ensure the security of information systems, establishing controls to prevent unauthorized access to information systems, monitoring security events, and responding to security incidents. Risk management is an ongoing process that must be regularly monitored and updated to ensure the security of information systems., topic=null, hs_path=information-security-risk-management}--
{tableName=glossary, name=Asset Security, description= Asset security is the protection of physical and digital assets from unauthorized access, use, disclosure, disruption, modification, or destruction. It involves the application of security controls to ensure the confidentiality, integrity, and availability of assets. Asset security is a critical component of an organization's overall security strategy, as it helps protect its data, systems, and networks from malicious actors. This includes protecting against malicious actors who may attempt to gain access to sensitive information, disrupt operations, or damage the organization's reputation. Asset security also helps organizations protect their investments in hardware, software, and intellectual property. It involves the implementation of technical controls such as firewalls, authentication, encryption, and access control systems, as well as the development of policies and procedures for asset management, such as asset tracking, inventory control, and asset disposal. Asset security also includes the monitoring of assets to detect any unauthorized access or suspicious activity., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=asset-security}--
{tableName=glossary, name=Notifiable data breach, description= A notifiable data breach is an incident where there is unauthorized access to, or disclosure, of personal information, or a reasonable belief exists that such unauthorized access or disclosure has occurred. This type of breach is required to be reported to the relevant data protection authority or other regulatory body, depending on the jurisdiction in which it occurs. It can also be reported to the individuals whose data has been exposed, and to the public in some circumstances. Notifiable data breaches can occur due to a variety of reasons, including cyber-attacks, malicious insiders, human error, and system or process failures. The data involved can range from financial information and health records to intellectual property and other sensitive information. The consequences of a notifiable data breach can be significant, ranging from financial losses to reputational damage, and even regulatory fines in some cases. As such, organizations must have robust data security measures in place to protect against unauthorized access and disclosure of personal information, and they must be aware of the potential consequences of a data breach., topic=null, hs_path=notifiable-data-breach}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...