Latest coverage for Framework
Explore the latest frameworks in information security. Stay updated on guidelines to protect your digital assets and ensure data privacy.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
A security framework is an organized set of principles, practices, and controls for managing information and technology risk. Frameworks such as the NIST Cybersecurity Framework, ISO/IEC 27001, and COBIT help organizations structure activities including identifying assets and risks, protecting systems, detecting events, responding to incidents, and recovering operations. They are reference models rather than automatically effective security programs: an organization must select and implement measures appropriate to its systems, threats, and risk tolerance.
Practitioners use frameworks to assign responsibilities, prioritize vulnerability remediation, assess suppliers and cloud services, and document why particular controls are in place. They also provide a common vocabulary for audits, regulatory or contractual evidence, and measuring improvement over time. News under this tag may concern revisions to framework requirements, mappings between frameworks, assessment findings, or failures caused by treating a framework checklist as proof that controls work. A framework can guide governance and security operations, but it does not replace technical testing, continuous monitoring, or judgment about specific attack surfaces.
Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce
Researchers found that the private keys and secrets they discovered being exposed within the Docker framework are already being used in the wild.
Should You Be Using a Cybersecurity Careers Framework?
Frameworks can help improve hiring practices and retention, and help guide education — which makes them an important asset worth exploiting.
Study: Africa Cybersecurity Improves But Lacks Cross-Border Frameworks
While cybersecurity preparedness in Africa is on the upswing, the continent still lacks agreements on international security standards and sharing threat intel.
AWS Reliability Pillar: Consistent Cloud Architecture
Gain insight into the Reliability pillar of the AWS Well-Architected Framework and best practices for cloud-based operations, including change management and disaster recovery.
JumpCloud Confirms Data Breach By Nation-State Actor
The attack vector was identified as data injection into the firm's commands framework