Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinar

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Jan 1, 2023

Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Jan 3, 2023

Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Jan 5, 2023

Virtual


Glossary

Crimeware

Crimeware is malicious software (malware) designed to facilitate cybercrime. It is typically used by cybercriminals to gain unauthorized access to computer systems, steal confidential data, and/or extort money from victims. Crimeware can take many forms, including viruses, worms, Trojans, ransomware, spyware, and rootkits. It is often spread through phishing emails, malicious websites, and drive-by downloads. Crimeware is often used to steal financial information such as banking credentials, credit card numbers, and passwords, as well as confidential data such as trade secrets, medical records, and personal information. Crimeware can also be used to launch distributed denial-of-service (DDoS) attacks and to infect computers with ransomware, which locks users out of their systems until a ransom is paid. Crimeware is a major threat to individuals, businesses, and governments, and it is becoming increasingly sophisticated and difficult to detect.

Glossary

Instant Communications Security And Compliance

Instant Communications Security and Compliance is the practice of implementing measures to ensure the security and compliance of digital communications, such as emails, text messages, and other forms of electronic communication. It involves using technologies, processes, and policies to protect data and communications from unauthorized access or alteration. It also involves ensuring that all communications comply with applicable laws and regulations. This includes ensuring that all data is stored securely, that all communications are encrypted, and that all communications are monitored and audited. Additionally, it involves establishing processes to ensure that all communications are compliant with applicable laws and regulations, and that any changes to the system are documented and approved. Finally, it involves providing training to users on how to properly use and protect digital communications.

Glossary

Cybersecurity Credentials

Cybersecurity credentials are a set of qualifications and certifications that a person or organization holds to demonstrate their knowledge and proficiency in the field of cybersecurity. These credentials may include certifications from industry-recognized organizations such as the International Information Systems Security Certification Consortium (ISC2), the Computing Technology Industry Association (CompTIA), the Certified Information Systems Security Professional (CISSP), and the Information Systems Audit and Control Association (ISACA). Cybersecurity credentials also may include certifications from universities and other educational institutions, as well as certifications from government agencies like the National Security Agency (NSA). Cybersecurity credentials are important for both individuals and organizations, as they demonstrate the expertise and knowledge of the holder in the field of cybersecurity and provide assurance that the holder is up-to-date on the latest security practices and technologies.

Glossary

Cybersecurity Mesh Architecture

Cybersecurity Mesh Architecture is a system of distributed security solutions that provide layered protection for digital assets. It is designed to protect against malicious attacks and data breaches by creating a mesh of interconnected security components that can identify, detect, and respond to threats in real-time. It uses a combination of hardware and software components, such as firewalls, intrusion prevention systems, and encryption, to monitor and protect data and systems from unauthorized access. Cybersecurity Mesh Architecture is designed to be scalable and flexible, allowing organizations to customize their security solutions to fit their specific needs. Additionally, it can be deployed across multiple platforms and networks, making it an ideal solution for organizations with multiple locations or those that need to protect their data in the cloud.

Comparison

SOC 2 vs ASD Essential 8

SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similarities. Learn which standard is best for your organization.

Related guide: SOC 2 Compliance: A Comprehensive Guide

This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.

Glossary

Risk Management Process

Risk Management Process is a systematic approach to identifying, analyzing, and responding to risks associated with an organization's operations, projects, and investments. It involves assessing the likelihood and impact of potential risks, then developing strategies to manage those risks. Risk management is an ongoing process that seeks to minimize the impact of risks on an organization's objectives, while also maximizing the potential benefit of taking on certain risks. It involves identifying, evaluating, and responding to potential risks, as well as monitoring and reviewing the effectiveness of the risk management strategies. The process of risk management also involves communicating and consulting with stakeholders to ensure that risks are being managed effectively.

Related guide: Enterprise Risk Management Guide: A Comprehensive Guide

This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...