Framework in the IT world that states networks should always be considered vunerable to cyberthreats, and therefore should protected with vigilance.