It is imperative that organizations comply with the laws, policies, and regulations of their industry. When selecting a cybersecurity solution, make sure that compliance is at the top of your list.
See how Plurilock meets the requirements of your industry so you can rest assured. View the list of regulations, displayed by industry, below. For more detailed information, request our Compliance Datasheet here, or contact us with further questions.
ISO 27001 is an international standard prepared to provide requirements for establishing, implementing, maintaining, and continually improving an information security management system.
The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks.
Government & Military
The National Institute of Standards and Technology (NIST) is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems. BioTracker is NIST 800-53 and NIST 800-171 compliant.
This publication recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.
This publication provides federal agencies with recommended requirements for protecting the confidentiality of CUI.
FIPS Publication 200
The FIPS Publication 200 standard addresses the specification of minimum security requirements for federal information and information systems. FISMA directs the promulgation of federal standards for the security categorization of information and information systems based on the objectives of providing appropriate levels of information security according to a range of risk levels.
NFA Rule Book
The NFA strives to safeguard the integrity of the derivatives markets, protect investors, and ensure members meet their regulatory responsibilities.
FFIEC Info-Sec Booklet
The Federal Financial Institutions Examination Council (FFIEC) is a formal U.S. government interagency body composed of five banking regulators that is “empowered to prescribe uniform principles, standards, and report forms to promote uniformity in the supervision of financial institutions”.
The Gramm-Leach-Bliley Act, also known as the Financial Services Modernization Act of 1999, controls the ways financial institutions deal with individuals’ private information.
The Sarbanes-Oxley Act protects shareholders from accounting errors and fraudulent practices and improves the accuracy of corporate disclosures.
The Dodd-Frank Act places regulation on the financial industry in the hands of government to limit risk and enforce transparency and accountability.
The Payment Card Industry Data Security Standard applies to companies of any size that accept credit card payments, and requires that data be hosted with a PCI-compliant hosting provider.
NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems.
NERC CIP v5
The NERC CIP (North American Electric Reliability Corporation critical infrastructure protection) plan is a set of requirements designed to secure the assets required for operating North America’s bulk electric system. The NERC CIP plan consists of 9 standards and 45 requirements covering the security of electronic perimeters and the protection of critical cyber assets as well as personnel and training, security management and disaster recovery planning.
23 NYCRR 500
23 NYCRR 500 requires banks, insurance companies, and other financial services institutions regulated by DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.
HIPAA (Health Insurance Portability and Accountability Act) provides data privacy and security provisions for safeguarding medical information.
The HITECH (Health Information Technology for Economic and Clinical Health) Act promotes the adoption of EHR (Electronic Health Records) and private and secure health information exchange.
NIST SP 800-53
This publication recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.