��������Ƶ

CFAA: Computer Fraud and Abuse Act - Federal law that criminalizes unauthorized access to computer systems and networks

ECPA: Electronic Communications Privacy Act - Extends government restrictions on wire taps to include electronic data transmissions

FISMA: Federal Information Security Management Act - Defines framework for protecting government information, operations and assets against threats

Privacy Act 1974: Establishes code of fair information practices governing collection, maintenance, use, and dissemination of personal information

SOX: Sarbanes-Oxley Act - Requires public companies to establish internal controls and procedures for financial reporting

HIPAA: Health Insurance Portability and Accountability Act - Sets national standards for protection of individuals' medical records and health information

GLBA: Gramm-Leach-Bliley Act - Requires financial institutions to explain information-sharing practices and protect sensitive data

PCI DSS: Payment Card Industry Data Security Standard - Information security standard for organizations handling credit card data

FERPA: Family Educational Rights and Privacy Act - Federal law protecting privacy of student education records

DFARS: Defense Federal Acquisition Regulation Supplement - Cybersecurity requirements for defense contractors

State Breach Laws: Various state-specific requirements for notifying individuals of security breaches involving personally identifiable information

CCPA: California Consumer Privacy Act - Enhances privacy rights and consumer protection for residents of California

SHIELD Act: New York's Stop Hacks and Improve Electronic Data Security Act - Requires businesses to implement safeguards for private information

NIST Framework: National Institute of Standards and Technology Cybersecurity Framework - Guidelines for private sector organizations to assess and improve cybersecurity

ISO 27001: International standard for information security management systems (ISMS)

CIS Controls: Center for Internet Security Controls - Set of actions for cyber defense

COBIT: Control Objectives for Information and Related Technologies - Framework for IT governance and management