Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

Q3 product showcase: Continuous Con...

On-demand Webinar

Q3 product showcase: Continuous Control Monitoring, Developer API, and more

Join our webinar for CISOs, risk and compliance professionals, and security teams to explore the latest 6clicks features...
date-icon

Aug 22, 2024

location

Virtual

See all webinars
{tableName=glossary, name=Cybersecurity Reports, description= Cybersecurity Reports are documents that provide detailed information about the security status of an organization's digital assets and infrastructure. They typically include an assessment of the organization's current security posture, the potential risks and vulnerabilities it faces, and the recommended steps for mitigating those risks. Cybersecurity Reports can also include information about the organization's compliance with applicable laws and regulations, as well as any other relevant information that could affect its security posture. Cybersecurity Reports are an important tool for organizations to use in order to stay informed and up-to-date on the latest security threats and vulnerabilities, as well as to ensure their security posture is in line with current industry standards., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=cybersecurity-reports}--
{tableName=glossary, name=Cybersecurity Management, description= Cybersecurity Management is the practice of protecting networks, systems, and programs from digital attacks. These attacks may come in the form of malware, phishing, viruses, ransomware, and other malicious activities. Cybersecurity Management includes the implementation of security measures to protect data, networks, and systems from unauthorized access, modification, or destruction. It involves the use of security policies, procedures, and technologies to protect data, networks, and systems from malicious attacks. It also includes the identification, assessment, and mitigation of risks posed by cyber threats. Cybersecurity Management also includes the development of incident response plans and the implementation of measures to ensure the continuity of operations and the availability of data and systems. Additionally, it involves the monitoring of systems and networks for potential malicious activities and the implementation of measures to prevent and respond to such activities., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=cybersecurity-management}--
{tableName=guides, name=MITRE ATT&CK, description= This guide provides an in-depth look at the MITRE ATT&CK framework, including how to use it to identify, detect, and respond to cyber threats. Learn how to create, topic=[{id=97620570520, createdAt=1673040885404, updatedAt=1715624526005, path='mitre-attck', name=' MITRE ATT&CK: A Comprehensive Guide', 1='{type=string, value=MITRE ATT&CK}', 2='{type=string, value= This guide provides an in-depth look at the MITRE ATT&CK framework, including how to use it to identify, detect, and respond to cyber threats. Learn how to create}', 5='{type=string, value=This comprehensive guide provides an in-depth exploration of the MITRE ATT&CK framework. It covers the fundamentals of the framework, its components, and how it can be used to identify, assess, and defend against cyber threats. It provides detailed descriptions of the techniques and tactics used by attackers and how to detect them. Additionally, this guide provides practical advice on how to create a defense-in-depth strategy, how to use the framework to prioritize security investments, and how to develop effective mitigation strategies. This guide is an essential resource for security professionals and organizations looking to understand and protect their networks and systems against malicious actors.}', 15='{type=list, value=[{id=97620570520, name='MITRE ATT&CK'}]}'}], hs_path=mitre-attck}--
{tableName=glossary, name=Risk Financing, description= Risk financing is a type of financial management strategy used to protect an organization from the financial impact of losses due to risks. It involves a combination of risk transfer, risk retention, and risk control measures to manage the costs associated with potential losses. Risk transfer is the process of transferring the financial responsibility of a risk to another party, such as an insurance company. Risk retention is the process of keeping the financial responsibility for a risk within the organization, such as through self-insurance or a risk pool. Risk control is the process of implementing measures to reduce the likelihood of a risk occurring. Risk financing also includes the use of financial instruments, such as hedging, to manage the financial impact of risks., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-financing}--
{tableName=comparison, name=SOC 2 vs ASD Essential 8, description=SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similarities. Learn which standard is best for your organization., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1715624490265, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}', 15='{type=list, value=[{id=97620570514, name='SOC 2'}]}'}], hs_path=soc-2-vs-asd-essential-8}--
{tableName=glossary, name=Information Security, description= Information security is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a broad term that encompasses a wide range of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. It is also known as cyber security or computer security. Information security is important because it helps protect organizations from data loss, unauthorized access, and other security threats. It also helps organizations protect their customers' information and ensure compliance with applicable laws and regulations. Information security involves the use of a variety of measures to protect data, including encryption, authentication, access control, and data backup. Additionally, organizations must also take steps to ensure that their networks and systems are secure and regularly updated to prevent security breaches., topic=null, hs_path=information-security}--