Relevant standards, acts, policies, directives, and other cybersecurity docs
ISO/IEC 27000 Series
A family of standards for information security management systems (ISMS) and their requirements that enable organizations of all sectors and sizes to manage the security of assets such as financial information, intellectual property, employee data, and information entrusted by third parties.
NIST Cybersecurity Framework
NIST Cybersecurity Framework is a set of guidelines for mitigating organizational cybersecurity risks, published by the US National Institute of Standards and Technology. It helps businesses of all sizes better understand, manage, and reduce their cybersecurity risk and protect their networks and data.
EU NIS2 Directive
NIS2 aims to enhance the security of network and information systems within the EU by requiring operators of critical infrastructure and essential services to implement appropriate security measures and report any incidents to the relevant authorities.
PCI-DSS
The PCI DSS (Payment Card Industry Data Security Standard) is an information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.
EU DORA - Digital Operational Resilience Act
DORA is an EU regulation that creates a binding, comprehensive information and communication technology (ICT) risk management framework for the EU financial sector. DORA establishes technical standards that financial entities and their critical third-party technology service providers must implement in their ICT systems.
SOC2
SOC 2, aka Service Organization Control Type 2, is a cybersecurity compliance framework developed by the American Institute of Certified Public Accountants (AICPA). The primary purpose of SOC 2 is to ensure that third-party service providers store and process client data securely.
EU GDPR - General Data Protection Regulation
The GDPR is a data privacy regulation from Europe that grants rights to individuals in the EU/EEA over how their personal information gets processed, irrespective of whether the processing occurs online or offline.
US CCPA - California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) is a data privacy law that ensures consumers in California are aware of which information a business can collect from them. It also gives these consumers the right to ask for disclosure of that information.
US HIPAA - Health Insurance Portability And Accountability Act
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.
Center for Internet Security (CIS) Critical Controls
The CIS Controls are a concise, prioritized set of cyber practices created to stop today's most pervasive and dangerous cyber attacks aimed at IT users worldwide. The Controls are developed, refined, and validated by a community of leading global experts.
COBIT 5
COBIT (Control Objectives for Information and Related Technology) helps organizations meet business challenges in regulatory compliance, risk management, and aligning IT strategy with organizational goals. COBIT 5, the latest iteration of the framework, was released in 2012.
US FISMA - Federal Information Security Modernization Act
FISMA is U.S. government legislation that defines a comprehensive framework to protect government information, operations, and assets against threats. Signed into law in 2002 and updated in 2014, FISMA requires that federal systems meet a set level of security requirements (also known as “controls”).