In an effort to develop strong cyber resilience, international organisations, academic institutions, corporations and countries have been actively working to develop cybersecurity frameworks (CSFs). Such efforts emphasize various perspectives depending on the organisation’s intention, while their contents involve the same concept. The aim of this paper is to incorporate the many varied perspectives on CSFs and gather them into a concise view by contrasting different intentions and distilling shared concepts. To do so, this study uses the document analysis method alongside two cycles of coding (descriptive coding and pattern coding) to excerpt 12 extant CSFs. The various intentions can be cascaded with respect to four areas: 1) the promoted action, 2) the driver, 3) the framework milieu and 4) the audience. The frameworks can also be examined according to three common concepts: 1) shared actions, 2) cyber pillars and 3) the framework life cycle. A total of seven shared actions are distilled from the frameworks, while the human, organisational, infrastructure, technology and law and regulation pillar are the most frequently discussed excerpts from the CSFs. Moreover, there are three processes for securing cyberspace: profiling, delivering and assuring. The shared concepts presented in this paper may also be useful for developing a general model of a CSF.