Why HCSK?
- ✅ Focused on behavior, culture, and human responsibility
- ✅ Covers all people processes: hiring, offboarding, access, awareness
- ✅ Created by cybersecurity professionals, open to all disciplines
- ✅ Licensed under CC-BY — use it freely, adapt it widely
“Security isn't just about defending systems — it's about empowering people.
We the People... are the first line of defense.”
Explore the Framework
HCSK is structured into 9 key human-centric cybersecurity domains:
- 1. HR Lifecycle
- 2. Training & Awareness
- 3. Physical & Facility
- 4. Remote Work
- 5. Data Management
- 6. IT Usage
- 7. Legal & Third-Party
- 8. Incident & Continuity
- 9. Compliance
Want to Contribute?
You can improve the framework, apply it in your organization, or help promote human-first security practices worldwide.
Learn How to ContributeThe HCSK framework is released under a Creative Commons Attribution 4.0 License (CC-BY).