How to Use the NICE Framework to Plan Cybersecurity Careers and Teams

A Compass for Navigating Cyber Careers When someone says they work in cybersecurity, it could mean anything from cloud engineering to incident response, from red teams to risk governance. The field is vast and only getting more complex. Despite all the frameworks we use to secure systems, most organisations still lack a shared language for describing the people who do the work. That’s what the NICE Framework offers: a way to map roles, skills, and development pathways across the full cyber landscape. ...

June 1, 2025 · 3 min

What a Second Trump Presidency Means for US Cybersecurity policy

Less than a month until the new American administration, Wired predicts what will change in US cybersecurity policy - and regulations. Wired predicts shifts in U.S. cyber policy under the new administration; if accurate, this would mean a lighter regulatory touch. It remains to be seen how industry will respond. [… ] “more regulation will be dismantled than introduced.” Biden’s presidency was “riddled with new cyber regulation” that sometimes confused and overburdened industry, he adds. “The new White House will be looking to reduce regulatory burdens while streamlining smart compliance.” ...

December 8, 2024 · 1 min · Graeme

NIST Cybersecurity Framework 2.0 was released this year - NIST

The US Government’s National Institute for Standards and Technology, known commonly as NIST, released its updated Cybersecurity framework in February. This was the first new version in 10 years, following the 1.0 version in 2014 that was primarily aimed at protecting US critical infrastructure. The new 2.0 version is international and aimed for broad consumption: drafted in collaboration with experts across 100 countries, it should also be easier to use. Version 2.0 also introduces a new category: Govern, recognising that the world has changed since 2014, with Cyber now an enterprise risk being discussed in the boardroom. ...

December 8, 2024 · 1 min · Graeme

The UK to introduce its own cyber law in 2025 - UK Gov

With the new UK Labour government, changes are expected in legislation and regulations for risk and resilience. The Cyber Security & Resilience Bill will be coming before Parliament in 2025, helping government ‘build a better picture’ of the cyber threat landscape. The Bill will [… expand] the remit of the existing regulation, putting regulators on a stronger footing, and increasing reporting requirements to build a better picture in government of cyber threats. ...

December 8, 2024 · 1 min · Graeme

APRA Standard 234 Information Security

Prudential Standard 234 Information Security

1 min