Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Effectively leverage artificial intelligence in your GRC initiatives​
On-demand Webinar

Effectively leverage artificial intelligence in yo...

Discover the power of AI in GRC with Dr. Heather Buker. Access our on-demand webinar for insights on effectively leveraging Artificial Intelligence to...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Cloud Infrastructure, description= Cloud Infrastructure is a type of computing infrastructure that provides shared computer processing resources and data to computers and other devices on demand over the internet. It is typically composed of a combination of hardware and software components, such as servers, storage, networks, and applications. Cloud Infrastructure allows users to access their data and applications from any device, anywhere in the world, with minimal setup and maintenance. It is designed to be highly scalable and cost-effective, allowing businesses to quickly and easily expand their computing resources as needed. Cloud Infrastructure also provides enhanced security, reliability, and performance, making it a popular choice for businesses of all sizes., topic=null, hs_path=cloud-infrastructure}--
{tableName=glossary, name=Australian Cyber Security Centre (ACSC), description= The Australian Cyber Security Centre (ACSC) is a government agency that works to protect Australia’s national security interests in cyberspace. It is a joint venture between the Australian Signals Directorate, the Australian Security Intelligence Organisation, the Australian Federal Police, and the Department of Home Affairs. The ACSC works to protect Australia’s national security interests in cyberspace by providing advice and assistance to government, industry and the public on cyber security. It is responsible for developing strategies to protect Australia’s critical infrastructure, managing cyber security incidents, and providing advice on how to respond to cyber threats and attacks. The ACSC also works with industry and the public to help them protect their digital assets and reduce their risk of cyber threats. It provides resources and guidance on cyber security best practices, as well as information on current cyber security threats. The ACSC works closely with other government agencies, industry and the public to ensure Australia’s cyber security is maintained and improved., topic=null, hs_path=australian-cyber-security-centre-acsc}--
{tableName=glossary, name=APRA CPS 234, description= APRA CPS 234 is an information security standard developed by the Australian Prudential Regulation Authority (APRA) to provide guidance on the security controls organizations should implement to protect their information and systems. The standard is based on the ISO/IEC 27002:2013 and provides a set of security requirements which organizations must comply with in order to protect their information assets. It covers topics such as access control, physical and environmental security, asset management, cryptography, system development and maintenance, incident management, and business continuity. APRA CPS 234 requires organizations to identify, assess and manage risk, and to develop and implement an information security program that meets the requirements of the standard. The standard also requires organizations to monitor, test and review their security controls on an ongoing basis., topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1683947990333, path='apra-cps-234', name=' APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value= This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=apra-cps-234}--
{tableName=comparison, name=NIST SP 800-53 vs GDPR, description=NIST SP 800-53 and GDPR are two important frameworks for information security and privacy. Learn their similarities and differences., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1683947942816, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}'}], hs_path=nist-sp-800-53-vs-gdpr}--
{tableName=glossary, name=Discretionary Access Control (DAC), description= Discretionary Access Control (DAC) is a type of access control in which a user's access to a system or resource is based upon the user's individual identity. This type of access control allows the user to make decisions about who can access the system or resource, and what type of access they can have. DAC is based on the principle of least privilege, which means that a user is only allowed access to the minimum amount of resources necessary to perform their job. The user is also responsible for managing the access rights of other users. DAC is commonly used in operating systems, databases, networks, and other computer systems. It is also used in physical security systems, such as door locks, to control access to restricted areas., topic=null, hs_path=discretionary-access-control-dac}--
{tableName=glossary, name=Consequence, description= Consequence is the result or effect of an action, decision, or set of circumstances. It is the outcome of a particular course of action and can either be positive or negative. Consequences can be immediate, such as the result of a choice made in the moment, or they can be far-reaching and long-term, such as the result of a decision made years ago. They can also be physical, mental, emotional, or spiritual in nature. Consequences can be direct, such as the result of a particular action, or indirect, such as the result of a decision made by someone else. Consequences are an integral part of life, as every action we take has a consequence that can shape our future and the future of those around us., topic=null, hs_path=consequence}--
Cloud Infrastructure

Cloud Infrastructure is a type of computing infrastructure that provides shared computer processing ...

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) is a government agency that works to protect Australia’s...

APRA CPS 234
APRA CPS 234

APRA CPS 234 is an information security standard developed by the Australian Prudential Regulation A...

NIST SP 800-53
NIST SP 800-53 vs GDPR

NIST SP 800-53 and GDPR are two important frameworks for information security and privacy. Learn the...

Discretionary Access Control (DAC)

Discretionary Access Control (DAC) is a type of access control in which a user's access to a system ...

Consequence

Consequence is the result or effect of an action, decision, or set of circumstances. It is the outco...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks