A cybersecurity framework is a set of practices, policies, and procedures that help an organization to create an effective security program. Key concepts for Cybersecurity is starting with a framework. There are plenty of pre-built frameworks available to guide you based on your industry, like NIST, PCI, HIPAA, ISO and more. But before you go there, and maybe before you even pick one, you should start with the Three Rules or Three. The first set starts with Confidentiality, Availability, and Integrity. This is the fine balancing act for Cybersecurity, also known as the “bedrock principle for Cybersecurity.” There’s no such thing as perfect security, you can’t spend all resources on all three areas - so focusing on your specific business needs, and identifying which of these are most important to your business and the separate business units helps properly align Cybersecurity solutions with business outcomes.