Enabling and securing your mission: That's our mission. Let us prove why we are the best choice for your agency.
At Cisco, we have been helping government agencies of all sizes address their unique security and compliance challenges for decades. We understand the latest threats and how trends in digitization, mobility, IoT, and multicloud affect your cyber profile, and that you don't need another vendor to manage. We get it. You need a security partner you can trust.
That's why we are building the only integrated security platform that simplifies your experience, accelerates your mission's success, and secures your agency's future. You'll find skilled security experts behind our platform who understand government security, compliance requirements, and your unique challenges. We make security technologies work in concert with your staff to raise your cyber profile, mitigate risks, and comply with mandates.
Secure access for your workforce, workloads, and workplace
Cisco Duo helps protect users and their devices against stolen credentials, phishing, and other identity-based attacks. It verifies users' identities and establishes device trust before granting access to applications.
Secure your hybrid, multicloud workloads and contain lateral movement with application segmentation from Cisco Tetration.
Cisco Software-Defined Access (SD-Access) helps you gain insight into users and devices, identify threats, and maintain control over all connections across your network, including Internet of Things devices.
In May 2021, the White House issued an Executive Order (EO) on "Improving the Nation's Cybersecurity" to modernize government cybersecurity through cloud adoption, better detection, investigation, and response. The executive order aimed to improve threat information sharing, protect critical applications, shore up supply chains, standardize incident response playbooks, and more.
This white paper addresses how Cisco Secure Solutions can answer the president's executive order and improve national cybersecurity. The report also maps Cisco Secure products directly to the requirements laid out in the executive order.
Protect cloud applications and hybrid workers with advanced cloud-delivered security.
Verify identities with intuitive, multi-factor authentication and dynamic device trust.
Boost productivity with our integrated, cloud-native endpoint and network detection and response.
Secure comprehensive zero-trust access for workforce, workplace, and workloads.
Experience modern, encrypted connectivity on our SASE-enabled architecture.
Center for Internet Security (CIS) Benchmarks are configuration baselines and best practices for securely configuring a system. Each of the guidance recommendations references one or more CIS Controls that help organizations improve their cyber defense capabilities.
ISO/IEC 27001 is a security standard that specifies an Information Security Management System (ISMS) that is intended to bring security under explicit management control. It mandates requirements that define how to implement, monitor, maintain, and continually improve the ISMS.
System and Organization Controls (SOC) for service organizations are internal control reports created by the American Institute of Certified Public Accountants (AICPA). The reports examine services provided by a service organization so that end users can assess and address risk associated with an outsourced service.
Continuous Diagnostics and Mitigation (CDM) is a program initiated by the U.S. Department of Homeland Security to enhance the cybersecurity posture of federal agencies. It provides agencies with capabilities to identify cybersecurity risks in real-time and prioritize them for mitigation. Through automated tools and processes, CDM aims to improve situational awareness and strengthen the overall security of federal information systems.
The DNI NITTF has developed the Maturity Framework to enhance Insider Threat Programs. See how Cisco Secure maps to the framework.
The US Federal Risk and Authorization Management Program (FedRAMP) was established in December 2011 to provide a standardized approach for assessing, monitoring, and authorizing cloud computing products and services under the Federal Information Security Management Act (FISMA), and to accelerate the adoption of secure cloud solutions by US federal agencies.
NIST Special Publication 800-171 provides guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. It outlines specific security requirements that contractors and other entities must implement to safeguard CUI, ensuring its confidentiality and integrity.
The MITRE ATT&CK framework is a comprehensive knowledge base that details adversary tactics and techniques based on real-world observations of cyber threats. It provides a structured approach for understanding and analyzing the actions of cyber attackers, helping organizations strengthen their cybersecurity defenses.
The FBI Criminal Justice Information Services (CJIS) Security Policy outlines the guidelines and standards for protecting sensitive criminal justice information. It sets forth the minimum security requirements for access, use, and dissemination of this data to ensure its confidentiality, integrity, and availability. The policy applies to all entities that interact with criminal justice information, including federal, state, local, and tribal agencies.
The Department of Defense (DoD) Impact Levels categorize information based on its sensitivity and the potential impact of a security breach. There are six impact levels, ranging from Level 1, which covers public information, to Level 6, which involves classified national security information. These impact levels help determine the security controls and measures required for cloud service offerings to ensure the protection of DoD data.
As a leader in securing Federal Information Processing Standard (FIPS) 140 validations, Cisco is dedicated to providing innovative solutions for next-generation encryption.
NIST Special Publication 800-172 is an extension of NIST SP 800-171, designed to enhance the protection of Controlled Unclassified Information (CUI) in non-federal systems, particularly against advanced persistent threats (APTs). It provides a set of enhanced security requirements that organizations can implement to bolster their defenses and ensure robust protection of sensitive information.
The Cybersecurity Maturity Model Certification (CMMC) is a framework established by the U.S. Department of Defense to enhance the cybersecurity posture of its contractors. It encompasses a set of cybersecurity practices and processes across five maturity levels, ensuring that contractors can adequately protect sensitive information.
The DoD Zero Trust framework emphasizes stringent security measures. Cisco's solutions support this approach by providing advanced network security and visibility.
NIST Special Publication 800-53 is a comprehensive set of guidelines developed by the National Institute of Standards and Technology for securing federal information systems. It outlines a catalog of security and privacy controls that organizations can implement to protect their information and systems against a variety of threats.
NIST CSF guidance helps you manage cyber risk and improve your cyber program through five important functions: Identify, Protect, Detect, Respond, and Recover.
The Information System Security Management and Assessment Program (ISMAP) in Japan is a government initiative designed to evaluate and certify the security of cloud service providers. It establishes a standardized framework for assessing cloud services to ensure they meet stringent security requirements for use by government agencies. By certifying compliant providers, ISMAP aims to enhance trust in cloud services and promote the secure adoption of cloud technology within the public sector.
The Japan-India collaboration through the Ministry of Electronics and Information Technology (MeitY) focuses on enhancing cooperation in the field of information and communication technology (ICT). This partnership aims to foster innovation, share best practices, and strengthen digital infrastructure between the two nations. By working together, Japan and India seek to advance technological development and address common challenges in cybersecurity and digital governance.
The Digital Operational Resilience Act (DORA) Framework is a legislative proposal by the European Union aimed at enhancing the IT security of financial entities across the EU. It seeks to establish a unified approach to managing digital risks, ensuring that financial institutions can withstand, respond to, and recover from all types of ICT-related disruptions and threats.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law implemented by the European Union to safeguard the personal data of individuals within the EU. It establishes strict rules for how organizations collect, process, and store personal data, granting individuals greater control over their information. The GDPR also introduces significant penalties for non-compliance, encouraging organizations worldwide to adopt robust data protection practices.
The EU Cloud Code of Conduct (EU Cloud CoC) is a voluntary framework designed to ensure cloud service providers in the European Union adhere to high standards of data protection. It aligns with the General Data Protection Regulation (GDPR) and provides guidelines for transparency, security, and accountability in cloud services. By adopting the Code, cloud providers demonstrate their commitment to protecting personal data and building trust with customers in the EU market.
The EU NIS2 Directive is an updated framework aimed at enhancing the cybersecurity and resilience of critical infrastructure across the European Union. It expands on the original Network and Information Systems (NIS) Directive by broadening its scope to include more sectors and imposing stricter cybersecurity requirements. The directive seeks to improve cooperation among EU member states, standardize security measures, and ensure a high level of protection against cyber threats across essential services and digital infrastructure.
The European Union Agency for Cybersecurity (ENISA) developed the Information Assurance Framework (IAF) to enhance cybersecurity resilience across Europe. The IAF provides guidelines and best practices for securing information systems and managing cybersecurity risks effectively. It aims to support both public and private organizations in strengthening their cybersecurity posture and ensuring the protection of critical information infrastructures.
Learn how to address your connectivity and security needs today while preparing for a zero trust future.
The Cisco TIC 3.0 Design Guide is an extension of the Architecture Guide and details how to implement the architecture.
This document provides product mappings to the security capabilities outlined in the CISA TIC 3.0 guidance documentation.
Hands-on cyber experience is always in demand. Start building your skills with modern Cisco Secure solutions. Everyone is invited to these engaging, no-cost workshops.
Get started with the right security offer for your agency.
Go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence.
Cover your entire infrastructure with our best-of-breed cybersecurity products.