Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How Can a vCISO Help Protect Your Network?
On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massive turnover has led to outsour...

On-Demand Webinar

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=ISO/IEC 27002, description= ISO/IEC 27002 is an internationally recognized standard for information security management. It provides a comprehensive set of controls that organizations can use to protect their information assets. It is the successor to the original ISO/IEC 17799:2005 standard, which was the first international standard for information security management. ISO/IEC 27002 provides guidance on how organizations can manage the security of their information assets, including the selection, implementation, and monitoring of appropriate controls. It covers areas such as risk assessment, access control, asset management, physical and environmental security, cryptography, incident management, and business continuity. The standard is organized into 14 domains, each of which contains a set of control objectives and controls. The control objectives provide organizations with the framework they need to identify, assess, and manage their information security risks. The controls provide organizations with the specific security measures they need to put in place to protect their information assets. ISO/IEC 27002 is an important tool for organizations looking to protect their information assets and ensure compliance with applicable regulations and industry standards., topic=null, hs_path=iso-iec-27002}--
{tableName=glossary, name=Data Protection Impact Assessment (DPIA), description= Data Protection Impact Assessment (DPIA) is a process used to identify, assess, and manage data protection risks within an organization. It is an important tool for organizations to ensure that personal data is processed in accordance with the applicable data protection laws and regulations. A DPIA is a risk-based assessment that helps organizations to identify and mitigate any potential risks associated with the processing of personal data. It is used to evaluate the necessity and proportionality of the processing activities, to identify and assess the potential risks to the rights and freedoms of individuals, and to identify any measures necessary to address those risks. The DPIA should be conducted before the processing of personal data begins and should be updated periodically to ensure that the risks are managed and minimized. The DPIA should include the identification of the data controller and processor, the purpose of the data processing, the categories of personal data to be processed, the recipients of the data, the duration of the data processing, the security measures in place, and the measures taken to protect the rights of the data subjects., topic=null, hs_path=data-protection-impact-assessment-dpia}--
{tableName=glossary, name=Information Security, description= Information security is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a broad term that encompasses a wide range of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. It is also known as cyber security or computer security. Information security is important because it helps protect organizations from data loss, unauthorized access, and other security threats. It also helps organizations protect their customers' information and ensure compliance with applicable laws and regulations. Information security involves the use of a variety of measures to protect data, including encryption, authentication, access control, and data backup. Additionally, organizations must also take steps to ensure that their networks and systems are secure and regularly updated to prevent security breaches., topic=null, hs_path=information-security}--
{tableName=glossary, name=Ransomware, description= Ransomware is a type of malicious software (malware) designed to block access to a computer system or data until a ransom is paid. It typically spreads through phishing emails, malicious downloads, or drive-by downloads. Once installed, ransomware can encrypt files, lock the computer, or both. The attacker then demands payment, usually in the form of cryptocurrency or prepaid cards, in exchange for a decryption key to unlock the system or data. Ransomware is a particularly devastating form of malware because it can cause irreparable damage to computer systems, data, and networks, and can be difficult to detect and remove., topic=null, hs_path=ransomware}--
{tableName=glossary, name=Hybrid Data Center, description= A hybrid data center is a combination of a physical and virtual data center that uses both on-premises and cloud-based computing resources. It combines the best of both worlds, offering the benefits of physical data centers such as control, security, and low latency, while leveraging the scalability and flexibility of cloud computing. Hybrid data centers are designed to support a wide range of applications and workloads, including enterprise applications, big data, analytics, high-performance computing, and artificial intelligence. They offer the ability to deploy and manage applications and services across multiple locations, while providing the ability to scale up or down quickly in response to changing business needs. Hybrid data centers also offer the ability to optimize costs by utilizing a mix of on-premises and cloud-based resources., topic=null, hs_path=hybrid-data-center}--
{tableName=guides, name=GDPR, description= This GDPR Guide provides an authoritative overview of the General Data Protection Regulation (GDPR) and how it affects businesses and organizations. It outlines the key principles of the GDPR and provides an, topic=null, hs_path=gdpr}--
ISO/IEC 27002

ISO/IEC 27002 is an internationally recognized standard for information security management. It prov...

Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIA) is a process used to identify, assess, and manage data prot...

Information Security

Information security is the practice of protecting information from unauthorized access, use, disclo...

Ransomware

Ransomware is a type of malicious software (malware) designed to block access to a computer system o...

Hybrid Data Center

A hybrid data center is a combination of a physical and virtual data center that uses both on-premis...

GDPR

This GDPR Guide provides an authoritative overview of the General Data Protection Regulation (GDPR) ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks