Modernizing government cybersecurity

This Department of Homeland Security (DHS) program offers federal agencies real-time capabilities for identifying and mitigating cybersecurity risks.

The Children's Online Privacy Protection Act (COPPA) framework protects children's privacy online by regulating data collection for kids under 13 years old.

The CJIS security policy provides guidelines to safeguard sensitive criminal justice information to ensure confidentiality and integrity.

This DoD framework enhances the cybersecurity posture of contractors through cybersecurity practices across five maturity levels.

This guide for executive branch agencies details how to optimize insider threat programs to enhance detection, prevention, and mitigation capabilities.

This U.S. Department of Defense guide outlines security controls and requirements for using cloud services within military operations.

The DoD's C2C framework enhances network security by continuously validating and monitoring devices, reducing vulnerabilities. 

The DoD Cyber Exchange classifies information by sensitivity and potential impact of a security breach, guiding protection measures.

This DoD framework focuses on stringent security measures by verifying every user and device, regardless of network location.

FedRAMP provides a standardized approach for assessing, monitoring, and authorizing cloud computing products used by federal agencies.

The U.S. government computer security standard is used to approve cryptographic modules and ensure secure data encryption and protection processes.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) framework protects the privacy and security of health information in the United States, ensuring confidentiality and compliance.

The cybersecurity framework offers guidance on managing cyber risk and enhancing security using four phases: Identify, Protect, Detect, Respond, and Recover.

The guidelines protect Controlled Unclassified Information (CUI) in non-federal systems, focusing on confidentiality, integrity, and access controls.

Boost security by extending NIST SP 800-171 to protect Controlled Unclassified Information (UCI) against advanced persistent threats (APTs).

This comprehensive set of security and privacy controls is designed to secure federal information systems and protect sensitive data.

The Service Organization Control (SOC) 1, 2, and 3 standards manage and report on controls at service organizations, ensuring security and compliance.

TIC guidance modernizes federal network security, enabling agencies to leverage the cloud, enhance performance, and improve cybersecurity.

The European Data Protection Board (EDPB) endorsed code of conduct for cloud providers implements GDPR Article 28 requirements for B2B processors.

This proposed EU regulation aims to enhance cybersecurity across digital products and services by establishing mandatory security requirements.

DORA harmonizes digital operational resilience requirements for EU financial entities and their ICT providers and became effective January 2025.

The framework by the EU cybersecurity agency ENISA is designed to assess cloud service providers' security measures for customer data protection.

Harmonizing ICT security across Europe, this framework boosts trust and ensures consistent standards for products and services.

Comprehensive data protection regulation safeguards EU residents' privacy rights and regulates data processing activities.

The directive enhances cybersecurity across EU critical sectors by expanding measures to ensure robust network and information security protections.

The EU PSD2 framework enhances the security of electronic payments in the European Union (EU), mandating strong customer authentication.

This Australian framework emphasizes eight key strategies to mitigate cybersecurity risks and protect systems from common attacks.

This Australian government guide provides strategies and controls to secure government information and systems against cyberthreats.

This Japanese government program assesses and certifies cloud services for secure use by government agencies, ensuring robust cloud security.

India's Ministry of Electronics and IT (MeitY) provides guidelines for data protection and cybersecurity, ensuring secure digital infrastructure.