Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Webinars

Building intelligent vendor risk pr...

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...
date-icon

May 29, 2024

location

Virtual

Q2 product showcase: Discover the n...

On-demand Webinar

Q2 product showcase: Discover the next wave of innovation

Join us for an exclusive webinar where our product managers unveil the latest advancements in our platform and provide i...
date-icon

Apr 17, 2024

location

Virtual

Introducing Hailey Assist: Your con...

On-demand Webinar

Introducing Hailey Assist: Your conversational AI assistant for GRC

Discover the power of Hailey Assist in our on-demand webinar. Learn how this conversational AI assistant revolutionizes ...
date-icon

Mar 28, 2024

location

Virtual

See all webinars
{tableName=glossary, name=Asset Security, description= Asset security is the protection of physical and digital assets from unauthorized access, use, disclosure, disruption, modification, or destruction. It involves the application of security controls to ensure the confidentiality, integrity, and availability of assets. Asset security is a critical component of an organization's overall security strategy, as it helps protect its data, systems, and networks from malicious actors. This includes protecting against malicious actors who may attempt to gain access to sensitive information, disrupt operations, or damage the organization's reputation. Asset security also helps organizations protect their investments in hardware, software, and intellectual property. It involves the implementation of technical controls such as firewalls, authentication, encryption, and access control systems, as well as the development of policies and procedures for asset management, such as asset tracking, inventory control, and asset disposal. Asset security also includes the monitoring of assets to detect any unauthorized access or suspicious activity., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=asset-security}--
{tableName=glossary, name=Data Leak, description= Data leak is the intentional or unintentional release of sensitive data to an unauthorized recipient. It can occur through a variety of methods, including hacking, malware, poor security practices, physical theft, or accidental disclosure. Data leaks can have serious consequences, including financial losses, reputational damage, and legal liabilities. In some cases, data leaks can even lead to the loss of life. Data leaks can be particularly damaging to organizations that handle sensitive information, such as healthcare providers, financial institutions, and government agencies. Organizations should take steps to ensure the security of their data, such as encrypting sensitive data, implementing access controls, and regularly monitoring for potential data leaks., topic=null, hs_path=data-leak}--
{tableName=glossary, name=ISO/IEC 27001 Scope, description= ISO/IEC 27001 Scope is a set of requirements for the implementation of an Information Security Management System (ISMS) that defines the boundaries of the system and its objectives. It is a framework that sets out the scope of the ISMS, the processes and procedures that will be used to manage the security of the organization’s information assets, and the resources that will be used to implement and maintain the system. The scope of the ISMS will be determined by the organization’s risk management process and should include, but not be limited to: the organization’s information assets, the security controls that will be implemented, the roles and responsibilities of personnel, the organizational structure, the procedures to be followed, the documentation and records to be maintained, and the implementation and monitoring of the system. The scope should also include the identification and assessment of risks, the implementation of measures to reduce those risks, the monitoring of the system and its effectiveness, and the continual improvement of the system., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-scope}--
{tableName=glossary, name=ISO/IEC /IEC 27001 Foundation, description= ISO/IEC 27001 Foundation is an international standard for Information Security Management Systems (ISMS) which provides the framework for organizations to establish, implement, maintain and continually improve an effective ISMS. It helps organizations to identify, assess and manage the risks associated with the use, storage, transmission and disposal of information. It also helps organizations to ensure that the confidentiality, integrity and availability of information is maintained. The standard covers the requirements for an ISMS, including the establishment of policies and procedures, the implementation of controls, and the monitoring of performance. It also provides guidance on how to develop an ISMS and how to assess the effectiveness of the system. The standard is applicable to all types of organizations, regardless of size, nature or sector., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-iec-27001-foundation}--
{tableName=glossary, name=Access Control System, description= An access control system is a security system that manages and monitors access to a physical facility, building, or area, or to a logical resource, such as a computer system, network, or application. Access control systems are typically used to control who can enter and exit a building, or who can access a particular area or resource. Access control systems can be as simple as a lock and key, or as complex as an integrated network of sensors, biometric readers, and computerized access control systems. Access control systems allow for the authorization of individuals to enter certain areas and the restriction of unauthorized individuals from entering those areas. Access control systems can also be used to monitor and control access to digital resources, such as computer networks, applications, and databases. Access control systems are used in a variety of settings, including government buildings, corporate offices, educational institutions, and private residences. Access control systems provide a layer of security, allowing for the monitoring and control of access to physical and digital resources., topic=null, hs_path=access-control-system}--
{tableName=glossary, name=Wardriving, description= Wardriving is a type of hacking that involves using a vehicle to search for and map wireless networks. It involves driving around with a laptop or other device that is equipped with a wireless network card, and scanning for wireless networks. The hacker then records the network's name, signal strength, and encryption type and stores it in a database. This information can be used to gain access to the network, if it is not properly secured. Wardriving is often used to gain access to networks with weak security, or to gain access to networks that are not owned by the hacker. It can also be used to identify vulnerable networks that can be used for malicious purposes. Wardriving is illegal in some countries, and can result in criminal charges for the perpetrator., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=wardriving}--

eBooks

GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...