Products
- Products
- Products Overview
- AI Security
  
  AI Security Fabric
  
  Secure Agentic AI and LLM-powered applications with AI runtime security.
  
  LEARN MORE ABOUT
  AI CYBERSECURITY SOLUTIONS
  
  REQUEST A DEMO
  
  2026 Data Threat Report
  
  AI is the New Insider Threat
  
  Discover the 2026 Thales Data Threat Report —
  your essential guide to the latest global data security trends, emerging tech risks, and actionable insights to strengthen enterprise-wide defenses and drive strategic security collaboration.
  Get Your Copy Today
- Data Security
  Data Security
  
  Data Security Platform
  
  Data Security Posture Management
  
  Data Discovery & Classification
  
  Data at Rest Encryption
  
  Data at Rest Encryption
  
  Data at Rest Encryption
  
  Transparent Encryption
  
  Application Data Protection
  
  Tokenization
  
  Data Masking Solutions
  
  Data Protection Gateway
  
  Database Protection
  
  Batch Data Transformation
  
  Ransomware Protection
  
  CipherTrust RESTful Data Protection
  
  Key Management
  
  Secrets Management
  
  Hardware Security Modules
  
  Hardware Security Modules
  
  Hardware Security Modules
  
  General Purpose HSMs
  
  Payment HSMs
  
  Luna Cloud HSM Services
  
  Data Protection on Demand
  
  Data Protection on Demand
  
  Data Protection on Demand
  
  Services
  
  How it Works
  
  Partners
  
  Pricing
  
  Sign Up Now
  
  Network Encryption
  
  Risk Analytics & Monitoring
  
  Secure File Sharing
  
  DevSecOps
  
  Risk Management Strategies for Digital Processes with HSMs
  
  Security architects are implementing comprehensive information risk management strategies that include integrated Hardware Security Modules (HSMs). Reduce risk and create a competitive advantage.
  Get the White Paper
- Application Security
  Application Security
  
  Application Security Overview
  
  Application Security Overview
  
  AI Application Security
  
  Web Application Firewall
  
  Advanced Bot Protection
  
  Unified API Security Platform
  
  DDoS Protection
  
  Client-Side Protection
  Account Takeover Protection
  
  Content Delivery Network
  
  2026 Thales Bad Bot Report
  
  Bad Bots in the Agentic Age
  
  The 2026 Thales Bad Bot Report shows daily AI-enabled bot attacks jumped from 2 million
  to 25 million in a single year. Read the report to learn more about security in the age of agentic AI.
  Get your copy today
- Identity & Access Management
  Identity & Access Management
  
  Identity Types
  
  Identity Types
  
  Customer Identity
  
  Workforce Identity
  
  B2B Identity
  
  Gig Worker Identity
  
  Capabilities
  
  Capabilities
  
  Adaptive Access Control
  
  BYOI & Social Login
  
  Consent & Preference Management
  
  Delegated User Management
  
  Externalized Authorization
  
  Federated Identity Management
  
  Fraud & Risk Management
  
  Identity Verification
  
  Multi-Factor Authentication
  
  Risk-based Authentication
  
  Single Sign-On (SSO)
  
  Strong Customer Authentication
  
  User Journey Orchestration
  
  Product Types
  
  Product Types
  
  Digital Banking
  
  eHerkenning
  
  FIDO Passkeys and Devices
  
  On-Prem Management Platforms
  
  OneWelcome
  
  OTP Authenticators
  
  MobilePASS+
  
  Passwordless Authentication
  
  PKI USB Tokens
  
  SafeNet Trusted Access
  
  Smart Cards
  
  Smart Card Readers
  
  Tokenless Authentication
  
  Integrations
  
  Request a Demo
  
  Free Trial: SafeNet Trusted Access
  
  2026 Digital Trust Index
  
  Trust in the AI era
  
  Discover the 2026 Thales Digital Trust Index —
  The most comprehensive study for IT Security Leaders on how Digital Experiences affect Trust across Consumers, Partners and Employees.
  Get Your Copy Today
- Software Monetization
  Software Monetization
  
  Software Monetization Overview
  
  License Management
  
  Entitlement Management
  
  Rights Management System
  
  Software and IP protection
  
  Software Usage Intelligence
  
  All Software Monetization Products
  
  Interactive Product Tours
  
  Request a Free Trial
  
  Support and Services
  
  How to Get Software Licensing Right The First Time
  
  Navigate The Process of Licensing, Delivering, and Protecting Your Software
  
  Get the practical guide to software licensing the first time with comprehensive strategies that consider people, processes, and technology.
  Get the White Paper
How We Can Help

You can rely on Thales to help protect and secure access to your most sensitive data and software wherever it is created, shared or stored.

2026 Data Threat Report

AI is the New Insider Threat

Discover the 2026 Thales Data Threat Report — your essential guide to the latest global data security trends, emerging tech risks, and actionable insights to strengthen enterprise-wide defenses and drive strategic security collaboration.
Get Your Copy Today
Solutions
- Solutions
- Solutions Overview
- By Use Case
  By Use Case
  
  AI Security
  
  AI Security
  
  AI Security
  
  AI Security Fabric
  
  RAG Data Security
  
  AI Application Security
  
  5G Security
  
  Application Security
  
  Cloud Data Security
  
  Blockchain Data Security
  
  Data Sovereignty
  
  Data Security Posture Management
  
  Database Security
  
  DevSecOps
  
  Encryption
  
  Identity & Access Management
  
  Key Management
  
  Quantum
  
  Quantum
  
  Quantum
  
  Are You Post-Quantum Ready?
  
  Although post-quantum is projected to be a few years away, an enterprise must start planning today to be post-quantum ready. Take this free risk assessment to learn if your organization is at risk of a post-quantum breach.
  TEST YOUR QUANTUM READINESS
  
  Software Monetization
  
  The Rise in Unstructured Data
  and AI Security Risks
  
  Discover The Rise in Unstructured Data and AI Security Risks — while 75% of organizations feel confident in their data security, 68% admit much of their unstructured data remains unprotected, revealing critical gaps in coverage and investment.
  GET THE REPORT
- By Industry
  By Industry
  
  Automotive
  
  Critical Infrastructure
  
  Education
  
  Government
  
  Government
  
  Government
  
  Federal Government
  
  State and Local Government
  
  Law Enforcement
  
  Financial Services
  
  Healthcare
  
  Insurance Providers
  
  Manufacturing and Industrial
  
  Media and Entertainment
  
  Retail
  
  SaaS Providers and Consumers
  
  Telecommunications
  
  2026 Thales Bad Bot Report
  
  Bad Bots in the Agentic Age
  
  The 2026 Thales Bad Bot Report finds 46% of account takeover attacks target Financial Services, while 20% of AI bot attacks target Retail websites. Check out the report for more key findings.
  Get your copy today
- By Compliance
  By Compliance
  
  Global
  
  Global
  
  Basel Compliance Solutions
  
  Data Breach Notification Laws
  
  Data Sovereignty
  
  GDPR
  
  ISO 27799:2016 Compliance
  
  ISO/IEC 27001:2022 Compliance
  
  ISO/IEC 27002:2013 Compliance
  
  PCI DSS
  
  PCI HSM
  
  Swift CSC
  
  Validations and Certifications
  
  Americas
  
  Americas
  
  Brazil - LGPD
  
  CCPA (California Consumer Privacy Act)
  
  CISA Zero Trust Maturity Model
  
  CJIS
  
  Cybersecurity Maturity Model - CMMC
  
  FDA/DEA - EPCS
  
  FedRamp
  
  FISMA
  
  FIPS 199 and FIPS 200
  
  FIPS 140-2
  
  FIPS 140-3
  
  GLBA
  
  HIPAA
  
  Mexico - Data Protection Law
  
  NAIC Insurance Data Security Model Law Compliance
  
  New York State Cybersecurity Requirements for Financial Services Companies Compliance
  
  NCUA Regulatory Compliance
  
  NIST 800-53, Revision 4
  
  NIST CSF 2.0
  
  PIPEDA Compliance
  
  SOC 2
  
  SOX
  
  STIR/SHAKEN
  
  EMEA
  
  EMEA
  
  DEFCON 658
  
  DORA
  
  ECC
  
  eIDAS
  
  GDPR
  
  NIS2
  
  PSD2
  
  Schrems II
  
  South Africa POPI Act
  
  APAC
  
  APAC
  
  Australia ASIC Market Integrity Rules
  
  Australia APRA CPS234
  
  Australia Cryptography Guidelines
  
  Australia Privacy Amendment
  
  Australia SOCI Act
  
  Bangladesh ICT Security Guideline
  
  China Personal Information Security Specification
  
  Hong Kong CI Bill
  
  Hong Kong Cloud Adoption Compliance
  
  Hong Kong Digital Assets Guidelines
  
  Hong Kong Practice Guide for Cloud Computing Security
  
  Hong Kong Secure Tertiary Data Backup (STDB) Guideline
  
  Hong Kong Virtual Asset Trading Platforms Operators Guideline
  
  India CSCRF by SEBI
  
  India Digital Personal Data Protection Act
  
  India Framework for Adoption of Cloud Services by SEBI
  
  India IRDAI ICS Guidelines
  
  India RBI Outsourcing of IT Services Directions
  
  Indonesia Personal Data Protection Law
  
  Japan Act on Protection of Personal Information
  
  Japan FISC
  
  Japan My Number Compliance
  
  J-Sox
  
  Korea Personal Information and Information Security Management System (ISMS-P)
  
  Monetary Authority of Singapore
  
  Philippines Data Privacy Act of 2012
  
  Philippines NPC Circular 2023-06
  
  Risk Management in Technology (RMiT) Policy
  
  Singapore MAS Advisory On Quantum
  
  Singapore Public Sector Data Security
  
  Singapore CCoP2.0
  
  South Korea's PIPA
  
  Thailand BOT - IT Risk Guidelines
  
  Thailand OIC - IT Risk Guidelines
  
  Thailand SEC - IT Systems Guidelines
  
  UIDAI's Aadhaar Number Regulation Compliance
  
  Vietnam Personal Data Protection Decree
  
  Protect Your Organization from Data Breach Notification Requirements
  
  Data breach disclosure notification laws vary by jurisdiction, but almost universally include a "safe harbor" clause.
  LEARN MORE
Solutions to Secure Your Digital Transformation

Whether it's securing the cloud, meeting compliance mandates or protecting software for the Internet of Things, organizations around the world rely on Thales to accelerate their digital transformation.

Implementing Strong Authentication for Office 365

Mitigate the risk of unauthorized access and data breaches.
Learn More
Partners
Thales Accelerate
Partner Network

Thales Partner Ecosystem includes several programs that recognize, rewards, supports and collaborates to help accelerate your revenue and differentiate your business. Provide more value to your customers with Thales's Industry leading solutions. Learn more to determine which one is the best fit for you.

The Thales Accelerate Partner Network provides the skills and expertise needed to accelerate results and secure business with Thales technologies.
Get the Brochure
Resources
- Area of Interest
- Data Security
  Resource Type
  
  White Papers
  
  Analyst Research
  
  eBooks
  
  Case Studies
  
  Infographics
  
  Webinars
  
  Product Tours
  
  Videos
  
  Security Research
  
  Podcasts
  
  TalkingTrust Video Series
  
  Gartner® Report: Market Guide for Data Security Platforms
  
  Download the 2025 guide for Data Security Platforms, and learn how combining data security controls and fine-grained authorization leads to more efficient data security.
  Get the Report
- Application Security
  Resource Type
  
  Resource Library
  
  Case Studies
  
  Interactive Product Tours
  
  Blog
  
  Threat Research
  
  Learning Center
  
  2026 Thales Bad Bot Report
  
  Bad Bots in the Agentic Age
  
  The 2026 Thales Bad Bot Report shows daily AI-enabled bot attacks jumped from 2 million to 25 million in a single year. Read the report to learn more about security in the age of agentic AI.
  Get your copy today
- Identity & Access Management
  Resource Type
  
  White Papers
  
  Analyst Research
  
  eBooks
  
  Case Studies
  
  Infographics
  
  Webinars
  
  Videos
  
  Security Research
  
  Podcasts
  
  Magazine
  
  2026 Digital Trust Index
  
  Trust in the AI era
  
  Discover the 2026 Thales Digital Trust Index — The most comprehensive study for IT Security Leaders on how Digital Experiences affect Trust across Consumers, Partners and Employees.
  Get Your Copy Today
- Software Monetization
  Resource Type
  
  Learning Hub
  
  Blog
  
  Documentation
  
  Product Tours
  
  White Papers
  
  Case Studies
  
  Product Briefs
  
  Infographics
  
  Webinars
  
  Software Licensing & Entitlement Management Buyer's Guide
  
  Explore key criteria, evaluation questions, and best practices for choosing a software licensing and entitlement management platform that supports scale, security, and growth.
  Get the eBook
- Blog
Explore Thales' comprehensive resources for cloud, protection and licensing best practices.

A Global Leader in Data Security

Thales, together with Imperva, is a global leader in cybersecurity, helping the most trusted brands in the world protect their most critical applications, data, identities, and software anywhere at scale.
GET THE BROCHURE

Support
About
Contact Us
EN
- English (GB)
- Français
- Deutsch
- Italiano
- Español
- Português
- 日本語
- 한국어
- Microsites
- Polskie
- Nederlands
- 中文(繁體)

Compliance with the CISA Zero Trust Maturity Model

The Cybersecurity & Infrastructure Security Agency (CISA) released its Zero Trust Maturity Model Version 2.0 in April 2023. CISA states that "the maturity model, which includes five pillars and three cross-cutting capabilities, is based on the foundations of Zero Trust. Within each pillar, the maturity model provides specific measures required to achieve traditional, initial, advanced and optimal Zero Trust Architectures."

Thales' solutions can help organisations comply with the CISA Zero Trust Maturity Model 2.0 requirements by simplifying compliance and automating security, reducing the burden on security and compliance teams.

Identify and manage risks

Gain visibility, control and insight over risks to sensitive data and assets.

Automate protection

Protect applications, data and identities automatically based on policy across hybrid IT.

Mitigate and respond to attacks

Monitor for abnormal activities and mitigate attacks in real time.

Thales CISA Zero Trust Maturity Model 2.0

eBook

How Thales helps organisations comply with the CISA Zero Trust Maturity Model 2.0

Thales helps organisations comply with CISA Zero Trust Maturity Model 2.0 with comprehensive cyber security solutions in three key areas of cybersecurity: Application Security, Data Security and Identity & Access Management. Learn more in our eBook.

Learn more

What is the CISA Zero Trust Maturity Model 2.0?

CISA's Zero Trust Maturity Model provides a roadmap that government agencies and private organisations of all kinds use as a reference as they transition towards a zero trust architecture. The maturity model aims to assist organisations in the development of zero trust strategies and implementation plans.

Learn more

Related resources

Compliance

Cybersecurity compliance with the NIST Cybersecurity Framework 2.0

Compliance

Data security compliance with the CMMC

Compliance

Data security compliance with the ISO/IEC 27001:2022

Compliance

PCI DSS compliance solutions: addressing 4.0 requirements

Compliance

Data security solutions for NIS2 compliance

Other key data protection and security regulations

PCI HSM

MANDATE | ACTIVE NOW

The PCI HSM specification defines a set of logical and physical security compliance standards for HSMs specifically for the payments industry. PCI HSM Compliance certification depends on meeting those standards.

Learn more

DORA

REGULATION | ACTIVE NOW

DORA aims to strengthen the IT security of financial entities to ensure the financial sector in Europe is resilient in the face of the growing volume and severity of cyber-attacks.

Learn more

Data breach notification laws

REGULATION | ACTIVE NOW

Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction, but almost universally include a "safe harbour" clause.

Learn more

GLBA

REGULATION | ACTIVE NOW

The Gramm-Leach-Bliley Act (GLBA)--also known as the Financial Services Modernization Act of 1999--requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.

Learn more

Contact a compliance specialist

cpl.thalesgroup.com

Visit our parent site at

www.thalesgroup.com

Products

Solutions

Partners

Resources

Support
- Customer Support
- Training Services

About

SUBSCRIBEGet the latest data protection and access management resources and insights delivered right to your inbox.

- Privacy Policy
- Disclaimer
- Sitemap
- Cookie Policy
- Terms & Conditions
- Do Not Sell My Personal Information