Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

Q3 product showcase: Continuous Con...

On-demand Webinar

Q3 product showcase: Continuous Control Monitoring, Developer API, and more

Join our webinar for CISOs, risk and compliance professionals, and security teams to explore the latest 6clicks features...
date-icon

Aug 22, 2024

location

Virtual

See all webinars
{tableName=glossary, name=Passive Attack, description= A passive attack is a type of cyber attack that does not involve the direct manipulation of an information system or its data, but instead uses existing vulnerabilities to gain access to resources, such as user accounts, confidential information, or networks. Passive attacks are typically used to gain access to a system or network, or to gain intelligence about the system or network, such as what kind of data is stored, who has access to it, and what services are running. Examples of passive attacks include eavesdropping on unencrypted communications, exploiting weak passwords, and analyzing network traffic for sensitive information. In contrast to active attacks, passive attacks are difficult to detect because the attacker does not leave any evidence of their activity., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=passive-attack}--
{tableName=glossary, name=ISO/IEC Compliance, description= ISO/IEC compliance is the adherence to international standards and guidelines set forth by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). These standards are designed to ensure that products, services, and processes meet certain requirements and are consistent across different countries and organizations. ISO/IEC compliance is important for businesses, as it ensures that products and services are safe, reliable, and of high quality. It also helps to protect the environment and promote global trade. Compliance with ISO/IEC standards is usually achieved through certification and auditing processes, which involve testing and verification of products and services to ensure they meet the standards set forth. Compliance is also monitored through regular reviews and updates of the standards., topic=null, hs_path=iso-iec-compliance}--
{tableName=glossary, name=COBIT Framework Goals, description= The COBIT Framework Goals are a set of high-level objectives that provide guidance on the desired outcomes of IT governance and management processes. They are used to define the scope of IT governance and management activities and to ensure that IT-related activities are aligned with the organization’s overall business objectives. The COBIT Framework Goals provide a comprehensive view of IT governance and management activities and are designed to enable organizations to optimize the use of IT resources to achieve their strategic objectives. The COBIT Framework Goals are divided into four domains: Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate. The Plan and Organize domain focuses on the strategic planning and organizational design of IT governance and management processes. The Acquire and Implement domain focuses on the procurement and implementation of IT systems. The Deliver and Support domain focuses on the delivery of IT services and the management of IT operations. The Monitor and Evaluate domain focuses on the monitoring and evaluation of IT performance. The COBIT Framework Goals are designed to provide organizations with a comprehensive view of IT governance and management activities and to ensure that IT-related activities are aligned with the organization’s overall business objectives., topic=null, hs_path=cobit-framework-goals}--
{tableName=glossary, name=Thin Client, description= A thin client is a computer or device that relies on a server to perform its computing tasks. It is typically used in an environment where the user accesses applications and data stored on a remote server, rather than on the local machine. Thin clients are typically much less expensive than traditional PCs and are used in a variety of settings, such as government offices, educational institutions, and businesses. They are also used in home networks, where they provide access to shared files and applications. Thin clients are often used in cloud computing environments, where multiple users can access the same applications and data stored on a remote server. Thin clients are typically much more secure than traditional PCs, as they are not able to store data or applications locally., topic=null, hs_path=thin-client}--
{tableName=glossary, name=Data Integrity, description= Data Integrity is the assurance that data is complete, accurate, and reliable throughout its lifecycle. It is the process of ensuring that data is not corrupted, compromised, or altered in any way. Data Integrity is achieved through a combination of technical and administrative measures that prevent unauthorized access to data and protect it from being modified, deleted, or otherwise corrupted. Data Integrity also ensures that data is stored and maintained in its original form, and that any changes made to the data are done in a controlled and secure manner. Data Integrity is essential for the successful operation of any system that relies on data for its functioning. Data Integrity is critical for the accuracy and reliability of data, as well as for the security of data and the protection of information., topic=null, hs_path=data-integrity}--
{tableName=glossary, name=SOC 2 Trust Principles, description= SOC 2 Trust Principles are a set of criteria used to evaluate and assess the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems and services. The Trust Principles are based on the American Institute of Certified Public Accountants’ (AICPA) Trust Services Principles and Criteria, which are designed to provide assurance about the security, availability, and privacy of a service organization’s systems and services. The SOC 2 Trust Principles are focused on the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems, services, and data. The Trust Principles are used to assess the design, implementation, and operating effectiveness of a service organization’s controls, procedures, and systems. The Trust Principles are designed to help service organizations develop, maintain, and demonstrate effective security, availability, processing integrity, confidentiality, and privacy of their systems and services., topic=null, hs_path=soc-2-trust-principles}--