Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

6clicks product roadshow: Discover ...

On-demand Webinar

6clicks product roadshow: Discover the latest updates

Gain exclusive insights into the latest advancements on the 6clicks platform, starting with our integration with Wiz and...
date-icon

Oct 31, 2024

location

Virtual

Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

See all webinars
{tableName=guides, name=FedRAMP, description= FedRAMP is the U.S. Government's unified approach to securely adopt, assess, and monitor cloud services. Learn the basics and get started with this comprehensive guide., topic=[{id=97620570507, createdAt=1673040885321, updatedAt=1715624281837, path='fedramp', name='FedRAMP Guide: A Comprehensive Overview', 1='{type=string, value=FedRAMP}', 2='{type=string, value= FedRAMP is the U.S. Government's unified approach to securely adopt, assess, and monitor cloud services. Learn the basics and get started with this comprehensive guide.}', 5='{type=string, value=This guide provides a comprehensive overview of the Federal Risk and Authorization Management Program (FedRAMP). It covers the program's requirements, standards, and best practices, as well as its implementation and assessment processes. It explains the roles and responsibilities of all stakeholders, including the Federal Agency, Third-Party Assessor Organizations (3PAOs), and Cloud Service Providers (CSPs). It also provides step-by-step instructions on how to successfully complete the FedRAMP assessment process. In addition, it includes case studies and examples from organizations that have successfully implemented FedRAMP. This guide is an essential resource for anyone looking to understand and comply with the FedRAMP program.}', 15='{type=list, value=[{id=97620570507, name='FedRAMP'}]}'}], hs_path=fedramp}--
{tableName=glossary, name=Access Control System, description= An access control system is a security system that manages and monitors access to a physical facility, building, or area, or to a logical resource, such as a computer system, network, or application. Access control systems are typically used to control who can enter and exit a building, or who can access a particular area or resource. Access control systems can be as simple as a lock and key, or as complex as an integrated network of sensors, biometric readers, and computerized access control systems. Access control systems allow for the authorization of individuals to enter certain areas and the restriction of unauthorized individuals from entering those areas. Access control systems can also be used to monitor and control access to digital resources, such as computer networks, applications, and databases. Access control systems are used in a variety of settings, including government buildings, corporate offices, educational institutions, and private residences. Access control systems provide a layer of security, allowing for the monitoring and control of access to physical and digital resources., topic=null, hs_path=access-control-system}--
{tableName=glossary, name=ISO/IEC Cloud Security Standard, description= ISO/IEC Cloud Security Standard is an international standard developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a set of guidelines for organizations to ensure the security of their cloud computing environment. The standard covers a wide range of topics including security requirements, risk management, security architecture, service level agreements, and compliance. It also provides guidance on how to protect cloud assets, such as data, applications, and infrastructure from potential threats. The standard is designed to promote the secure adoption and use of cloud computing technologies by providing organizations with the necessary guidance to ensure their cloud environment is secure., topic=null, hs_path=iso-iec-cloud-security-standard}--
{tableName=glossary, name=NIST Cybersecurity Standards, description= NIST Cybersecurity Standards are a set of standards and guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations protect their information and systems from cyber security threats. The NIST Cybersecurity Framework (CSF) is the primary set of standards, which provides a comprehensive approach to managing and protecting an organization’s data and assets. The CSF is divided into five core functions: Identify, Protect, Detect, Respond, and Recover. Each of these functions is further divided into categories and subcategories, each of which contains a set of security controls and best practices. The NIST Cybersecurity Framework is intended to help organizations identify, assess, and manage risks associated with cyber threats, and to develop and implement a robust security program that meets the organization’s specific needs. In addition to the CSF, NIST also provides additional guidance, tools, and resources to help organizations implement and maintain a secure environment., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1715624266851, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}', 15='{type=list, value=[{id=97620570503, name='NIST Cybersecurity Framework (CSF)'}]}'}], hs_path=nist-cybersecurity-standards}--
{tableName=glossary, name=Instant Communications Security And Compliance, description= Instant Communications Security and Compliance is the practice of implementing measures to ensure the security and compliance of digital communications, such as emails, text messages, and other forms of electronic communication. It involves using technologies, processes, and policies to protect data and communications from unauthorized access or alteration. It also involves ensuring that all communications comply with applicable laws and regulations. This includes ensuring that all data is stored securely, that all communications are encrypted, and that all communications are monitored and audited. Additionally, it involves establishing processes to ensure that all communications are compliant with applicable laws and regulations, and that any changes to the system are documented and approved. Finally, it involves providing training to users on how to properly use and protect digital communications., topic=null, hs_path=instant-communications-security-and-compliance}--
{tableName=glossary, name=ISO/IEC 27002, description= ISO/IEC 27002 is an internationally recognized standard for information security management. It provides a comprehensive set of controls that organizations can use to protect their information assets. It is the successor to the original ISO/IEC 17799:2005 standard, which was the first international standard for information security management. ISO/IEC 27002 provides guidance on how organizations can manage the security of their information assets, including the selection, implementation, and monitoring of appropriate controls. It covers areas such as risk assessment, access control, asset management, physical and environmental security, cryptography, incident management, and business continuity. The standard is organized into 14 domains, each of which contains a set of control objectives and controls. The control objectives provide organizations with the framework they need to identify, assess, and manage their information security risks. The controls provide organizations with the specific security measures they need to put in place to protect their information assets. ISO/IEC 27002 is an important tool for organizations looking to protect their information assets and ensure compliance with applicable regulations and industry standards., topic=null, hs_path=iso-iec-27002}--