NIS2 · Article 21 — Risk-management measures
Art. 21(2)(h) Cryptography and encryption
Adopt policies and procedures on the use of cryptography and, where appropriate, encryption.
Mapped across 15 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentCurated3.11 Encrypt sensitive data at rest
Cryptography & data protection
- DORAPartialCuratedArt. 9 Protection and prevention
Cryptography & data protection
- GDPRPartialCuratedArt. 32 Security of processing
Cryptography & data protection
- GLBAEquivalentCurated§314.4(c)(3) Encryption of customer information
Cryptography & data protection
- HIPAAEquivalentCurated§164.312(e)(1) Transmission security
Cryptography & data protection
- ISO 27001EquivalentCuratedA.8.24 Use of cryptography
Cryptography & data protection
- LGPDPartialCuratedArt. 46 Security measures
Cryptography & data protection
- NIST 800-171EquivalentCurated3.13.11 Employ FIPS-validated cryptography
Cryptography & data protection
- NIST 800-53EquivalentCuratedSC-8 Transmission confidentiality and integrity
Cryptography & data protection
- NIST 800-53EquivalentCuratedSC-28 Protection of information at rest
Cryptography & data protection
- NIST CSF 2.0EquivalentCuratedPR.DS-01 Confidentiality of data-at-rest protected
Cryptography & data protection
- NIST CSF 2.0EquivalentCuratedPR.DS-02 Confidentiality of data-in-transit protected
Cryptography & data protection
- PCI DSSEquivalentCuratedReq. 3 Protect stored account data
Cryptography & data protection
- PCI DSSEquivalentCuratedReq. 4 Protect cardholder data with strong cryptography during transmission
Cryptography & data protection
- SOC 2PartialCuratedCC6.7 Restricting data transmission
Cryptography & data protection