Products
- Products
- Products Overview
- Data Security
  Data Security
  
  Data Security Overview
  
  Data Security Platform
  
  Data Security Posture Management
  
  Data Discovery & Classification
  
  Data at Rest Encryption
  
  Data at Rest Encryption
  
  Data at Rest Encryption
  
  Transparent Encryption
  
  Encryption for Kubernetes
  
  Encryption UserSpace
  
  Application Data Protection
  
  Data Protection Gateway
  
  Database Protection
  
  Batch Data Transformation | Static Data Masking
  
  Intelligent Protection
  
  Selecting the Right Encryption Approach
  
  Ransomware Protection
  
  Tokenization
  
  Key Management
  
  Key Management
  
  Key Management
  
  CipherTrust Manager
  
  CipherTrust Cloud Key Manager
  
  Enterprise Key Management
  
  CipherTrust Platform for DevOps
  
  CipherTrust Cloud Key Management Service
  
  Secrets Management
  
  Hardware Security Modules
  
  Hardware Security Modules
  
  Hardware Security Modules
  
  General Purpose HSMs
  
  Payment HSMs
  
  Luna Cloud HSM Services
  
  Data Protection on Demand
  
  Data Protection on Demand
  
  Data Protection on Demand
  
  Services
  
  How it Works
  
  Partners
  
  Pricing
  
  Sign Up Now
  
  Network Encryption
  
  Risk Analytics & Monitoring
  
  Secure File Sharing
  
  DevSecOps
  
  Risk Management Strategies for Digital Processes with HSMs
  
  Security architects are implementing comprehensive information risk management strategies that include integrated Hardware Security Modules (HSMs). Reduce risk and create a competitive advantage.
  Get the White Paper
- Application Security
  Secure what matters most with Thales and Imperva
  
  Applications help to drive digital transformation but traditional security approaches can’t keep pace with dynamic environments. See how we can help you protection applications and APIs anywhere.
  Explore Application Security
  
  Thales and Imperva Join Forces
  
  Together, we are creating the worldwide leader in cybersecurity, protecting more applications, data and identities than any other company and enabling tens of thousands of organizations to deliver trusted digital services to billions of consumers around the world every day.
  Learn More
- Identity & Access Management
  Identity & Access Management
  
  Identity Types
  
  Identity Types
  
  Identity Types
  
  Customer Identity
  
  Workforce Identity
  
  B2B Identity
  
  Gig Worker Identity
  
  Capabilities
  
  Capabilities
  
  Capabilities
  
  Adaptive Access Control
  
  BYOI & Social Login
  
  Consent & Preference Management
  
  Delegated User Management
  
  Externalized Authorization
  
  Fraud & Risk Management
  
  Identity Verification
  
  Multi-Factor Authentication
  
  Risk-based Authentication
  
  Single Sign-On (SSO)
  
  Strong Customer Authentication
  
  User Journey Orchestration
  
  Product Types
  
  Product Types
  
  Product Types
  
  Digital Banking
  
  eHerkenning
  
  FIDO Passkeys and Devices
  
  On-Prem Management Platforms
  
  OneWelcome
  
  OTP Authenticators
  
  MobilePASS+
  
  Passwordless Authentication
  
  PKI USB Tokens
  
  SafeNet Trusted Access
  
  Smart Cards
  
  Smart Card Readers
  
  Tokenless Authentication
  
  Request a Demo
  
  Free Trial: SafeNet Trusted Access
  
  Access Management Handbook
  
  Get everything you need to know about Access Management, including the difference between authentication and access management, how to leverage cloud single sign on.
  Get the eBook
- Software Monetization
  Software Monetization
  
  Software Monetization Overview
  
  License Management
  
  Entitlement Management
  
  Rights Management System
  
  Software and IP protection
  
  Software Usage Intelligence
  
  All Software Monetization Products
  
  Interactive Product Tours
  
  How to get SaaS Software Licensing Right the First Time
  
  Explore the software licensing lifecycle, and how to build a cross-functional licensing team.
  Get the eBook
How We Can Help

You can rely on Thales to help protect and secure access to your most sensitive data and software wherever it is created, shared or stored.

2025 Data Threat Report

AI, Quantum and
the Evolving Data Threatscape

Discover the 2025 Thales Data Threat Report — your essential guide to the latest global data security trends, emerging tech risks, and actionable insights to strengthen enterprise-wide defenses and drive strategic security collaboration.
Get Your Copy Today
Solutions
- Solutions
- Solutions Overview
- By Use Case
  By Use Case
  
  AI Security
  
  5G Security
  
  Access Security
  
  Access Security
  
  Access Security
  
  Secure Remote Access
  
  Secure VPN Access
  
  Secure Cloud Access
  
  VDI Security Solutions
  
  2FA Solutions
  
  Web and Cloud SSO
  
  Physical & Logical Access Control
  
  MFA for Cyber Insurance
  
  Blockchain
  
  Cloud Security
  
  Cloud Security
  
  Cloud Security
  
  Amazon Web Services
  
  Bring Your Own Encryption (BYOE)
  
  Cloud Data Encryption
  
  Cloud SSO
  
  Google Cloud
  
  Luna HSMs – Hybrid, On-Premises and Cloud HSM
  
  Microsoft Azure
  
  Microsoft Double Key Encryption (DKE)
  
  Multi-Cloud Security
  
  Oracle Cloud Infrastructure
  
  Your Data Their Cloud
  
  Data Security & Encryption
  
  Data Security & Encryption
  
  Data Security & Encryption
  
  Advanced Persistent Threats (APTs)
  
  Big Data Security
  
  Database Security and Encryption
  
  DevSecOps
  
  Docker Encryption
  
  Encryption for Kubernetes
  
  Encryption UserSpace
  
  MongoDB Encryption
  
  MS SQL Server Encryption
  
  NoSQL Encryption
  
  Oracle Database Encryption
  
  PostgreSQL Database Encryption
  
  SAP Data Security
  
  Securing Unstructured Files
  
  TDE Key Management
  
  Virtual Environment Security
  
  Data Sovereignty
  
  Digital Transformation
  
  IoT Security
  
  IoT Security
  
  IoT Security
  
  Smart Grid Security
  
  IoT Connected Car
  
  IoT Secure Manufacturing
  
  IoT Healthcare
  
  Payment & Transactions
  
  Payment & Transactions
  
  Payment & Transactions
  
  Secure Payments
  
  Point-to-Point Encryption
  
  Document Signing
  
  EMV & Payment Card Issuance
  
  Host Card Emulation
  
  Mobile Card Payments
  
  mPOS
  
  Payment Processing
  
  Secure Credit Card & Pin Management
  
  PKI Credential Management
  
  PKI Credential Management
  
  PKI Credential Management
  
  PKI Middleware
  
  PKI Authentication
  
  PKI Security
  
  PKI Security Solutions
  
  PKI Security Solutions
  
  PKI Security Solutions
  
  TLS/SSL Key Security
  
  Code Signing
  
  Secure Digital Signatures
  
  Electronic Invoicing
  
  DNS Security
  
  Email Encryption
  
  Quantum
  
  Quantum
  
  Quantum
  
  Are You Post-Quantum Ready?
  
  Although post-quantum is projected to be a few years away, an enterprise must start planning today to be post-quantum ready. Take this free risk assessment to learn if your organization is at risk of a post-quantum breach.
  TEST YOUR QUANTUM READINESS
  
  Ransomware Solutions
  
  Remote Workforces Challenges
  
  Software Monetization
  
  Software Monetization
  
  Software Monetization
  
  Software License Management
  
  Entitlement Management
  
  Software Packaging & Pricing
  
  Software Usage Tracking & Reporting
  
  Software Protection & Licensing
  
  Capture Revenue Opportunities
  
  Zero Trust Security
  
  Best Practices for Secure Cloud Migration
  
  It's a Multi-Cloud World. Thales can help secure your cloud migration.
  GET THE WHITE PAPER
- By Industry
  By Industry
  
  Automotive
  
  Critical Infrastructure
  
  Education
  
  Government
  
  Government
  
  Government
  
  Federal Government
  
  State and Local Government
  
  Law Enforcement
  
  Financial Services
  
  Healthcare
  
  Insurance Providers
  
  Manufacturing and Industrial
  
  Media and Entertainment
  
  Retail
  
  SaaS Providers and Consumers
  
  Telecommunications
  
  2025 Thales Digital Trust Index
  
  The Thales Consumer Digital Trust Index Report aims to empower individuals and organizations to own their role in protecting their cyberspace from data breaches.
  GET THE REPORT
- By Compliance
  By Compliance
  
  Global
  
  Global
  
  Basel Compliance Solutions
  
  Cybersecurity Maturity Model - CMMC
  
  Data Breach Notification Laws
  
  Data Sovereignty
  
  GDPR
  
  ISO 27799:2016 Compliance
  
  ISO/IEC 27001:2022 Compliance
  
  ISO/IEC 27002:2013 Compliance
  
  PCI DSS
  
  PCI HSM
  
  Swift CSC
  
  Validations and Certifications
  
  Americas
  
  Americas
  
  Brazil - LGPD
  
  CCPA (California Consumer Privacy Act)
  
  CJIS
  
  FDA/DEA - EPCS
  
  FedRamp
  
  FISMA
  
  FIPS 199 and FIPS 200
  
  FIPS 140-2
  
  FIPS 140-3
  
  GLBA
  
  HIPAA
  
  Mexico - Data Protection Law
  
  NAIC Insurance Data Security Model Law Compliance
  
  New York State Cybersecurity Requirements for Financial Services Companies Compliance
  
  NCUA Regulatory Compliance
  
  NIST 800-53, Revision 4
  
  PIPEDA Compliance
  
  SOX
  
  STIR/SHAKEN
  
  EMEA
  
  EMEA
  
  DEFCON 658
  
  DORA
  
  ECC
  
  eIDAS
  
  GDPR
  
  NIS2
  
  PSD2
  
  Schrems II
  
  South Africa POPI Act
  
  APAC
  
  APAC
  
  Australia ASIC Market Integrity Rules
  
  Australia APRA CPS234
  
  Australia Privacy Amendment
  
  Australia SOCI Act
  
  Bangladesh ICT Security Guideline
  
  China Personal Information Security Specification
  
  Hong Kong CI Bill
  
  Hong Kong Digital Assets Guidelines
  
  Hong Kong Practice Guide for Cloud Computing Security
  
  Hong Kong Secure Tertiary Data Backup (STDB) Guideline
  
  Hong Kong Virtual Asset Trading Platforms Operators Guideline
  
  India CSCRF by SEBI
  
  India Digital Personal Data Protection Act
  
  India Framework for Adoption of Cloud Services by SEBI
  
  India IRDAI ICS Guidelines
  
  India RBI Outsourcing of IT Services Directions
  
  Indonesia Personal Data Protection Law
  
  Japan Act on Protection of Personal Information
  
  Japan My Number Compliance
  
  J-Sox
  
  Korea Personal Information and Information Security Management System (ISMS-P)
  
  Monetary Authority of Singapore
  
  Philippines Data Privacy Act of 2012
  
  Philippines NPC Circular 2023-06
  
  Risk Management in Technology (RMiT) Policy
  
  Singapore MAS Advisory On Quantum
  
  Singapore Public Sector Data Security
  
  Singapore CCoP2.0
  
  South Korea's PIPA
  
  UIDAI's Aadhaar Number Regulation Compliance
  
  Vietnam Personal Data Protection Decree
  
  Protect Your Organization from Data Breach Notification Requirements
  
  Data breach disclosure notification laws vary by jurisdiction, but almost universally include a "safe harbor" clause.
  LEARN MORE
Solutions to Secure Your Digital Transformation

Whether it's securing the cloud, meeting compliance mandates or protecting software for the Internet of Things, organizations around the world rely on Thales to accelerate their digital transformation.

Implementing Strong Authentication for Office 365

Mitigate the risk of unauthorized access and data breaches.
Learn More
Partners
Thales Accelerate
Partner Network

Thales Partner Ecosystem includes several programs that recognize, rewards, supports and collaborates to help accelerate your revenue and differentiate your business. Provide more value to your customers with Thales's Industry leading solutions. Learn more to determine which one is the best fit for you.

The Thales Accelerate Partner Network provides the skills and expertise needed to accelerate results and secure business with Thales technologies.
Get the Brochure
Resources
- Area of Interest
- Data Security
  Resource Type
  
  White Papers
  
  eBooks
  
  Case Studies
  
  Infographics
  
  Webinars
  
  Videos
  
  Security Research
  
  Podcasts
  
  TalkingTrust Video Series
  
  Gartner® Report: Market Guide for Data Security Platforms
  
  Download the 2025 guide for Data Security Platforms, and learn how combining data security controls and fine-grained authorization leads to more efficient data security.
  Get the Report
- Access Management
  Resource Type
  
  White Papers
  
  eBooks
  
  Case Studies
  
  Infographics
  
  Webinars
  
  Videos
  
  Security Research
  
  Podcasts
  
  Magazine
  
  KuppingerCole Leadership Compass: Market Report and Guide for CIAM Solutions
  
  This report analyzes the CIAM market, and guides you to find the best solution for user registration, authentication, and compliance, enhancing customer experience.
  Get the Report
- Software Monetization
  Resource Type
  
  Blog
  
  Product Tours
  
  FAQ
  
  White Papers
  
  Case Studies
  
  Product Briefs
  
  Infographics
  
  Webinars
  
  Learning Hub
  
  How to get SaaS Software Licensing Right the First Time
  
  Explore the software licensing lifecycle, and how to build a cross-functional licensing team.
  Get the eBook
- Blog
Explore Thales' comprehensive resources for cloud, protection and licensing best practices.

A Global Leader in Data Security

Thales, together with Imperva, is a global leader in cybersecurity, helping the most trusted brands in the world protect their most critical applications, data, identities, and software anywhere at scale.
GET THE BROCHURE

Support
About
Contact Us
EN
- English (GB)
- Français
- Deutsch
- Italiano
- Español
- Português
- 日本語
- 한국어
- Microsites
- Polskie
- Nederlands
- 中文(繁體)

Cybersecurity Compliance with the NIST Cybersecurity Framework 2.0

The National Institute of Standards (NIST) Cybersecurity Framework (CSF) is one of the most widely adopted frameworks to help organizations of all types to manage cybersecurity risks. The NIST CSF 2.0 is the latest version of the framework, with significant updates and enhancements to address emerging threats and challenges in the ever more complex cyber space.

Thales can help organizations comply with the NIST CSF 2.0 by addressing essential cybersecurity requirements and automating security, reducing the burden on security and compliance teams.

Identify and Manage Risks

Gain visibility, control, and insight over risks to sensitive data and assets.

Automate Protection

Protect applications, data, and identities automatically based on policy across hybrid IT.

Mitigate and Respond to Attacks

Monitor for abnormal activities and mitigate attacks in real time.

eBook

How Thales helps organizations adopt the NIST Cybersecurity Framework 2.0

Thales helps organizations comply with NIST Cybersecurity Framework 2.0 with comprehensive cyber security solutions in three key areas of cybersecurity: Application Security, Data Security, and Identity & Access Management.

Learn More

What is the NIST CSF 2?

The National Institute of Standards (NIST) Cybersecurity Framework (CSF) 2.0 provides private and public organizations with guidance on how to manage cybersecurity risks. The NIST CSF 2.0 is not a mandate, but it is a voluntary guideline widely used globally to help organizations manage and improve cybersecurity practices.

Learn More

WHITE PAPER

Data Security: A Critical Component of NIST Cybersecurity Framework 2.0

Your NIST CSF 2.0 strategy you must include a data security strategy that delivers sensitive data discovery, data classification, and data analysis. This paper discusses the role data security plays in aligning to the NIST CSF 2.0 framework.

Learn More

Data Security: A Critical Component of NIST Cybersecurity Framework 2.0

Related Resources

Blog

Breaking it Down: A Data-Centric Security Perspective on NIST Cybersecurity Framework 2.0

Compliance

Data security compliance with the CMMC

Compliance

Data security compliance with the ISO/IEC 27001:2022

Compliance

PCI DSS Compliance Solutions: Addressing 4.0 Requirements

Compliance

Data Security Solutions for NIS2 Compliance

Other key data protection and security regulations

PCI HSM

MANDATE | ACTIVE NOW

The PCI HSM specification defines a set of logical and physical security compliance standards for HSMs specifically for the payments industry. PCI HSM Compliance certification depends on meeting those standards.

Learn More

DORA

REGULATION | ACTIVE NOW

DORA aims to strengthen the IT security of financial entities to make sure the financial sector in Europe is resilient in the face of the growing volume and severity of cyber-attacks.

Learn More

Data Breach Notification Laws

REGULATION | ACTIVE NOW

Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction but almost universally include a “safe harbor” clause.

Learn More

GLBA

REGULATION | ACTIVE NOW

The Gramm-Leach-Bliley Act (GLBA)--also known as the Financial Services Modernization Act of 1999--requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.

Learn More

Contact a Compliance Specialist

cpl.thalesgroup.com

Visit our parent site at

www.thalesgroup.com

Products

Solutions

Partners

Resources

Support
- Customer Support
- Training Services

About

SUBSCRIBEGet the latest data protection and access management resources and insights delivered right to your inbox.

- Privacy Policy
- Disclaimer
- Sitemap
- Cookie Policy
- Terms & Conditions
- Do Not Sell My Personal Information