| United States (Federal) | — | — | in_force | cross-sector | |
| United States (Federal) | Cybersecurity and Infrastructure Security Agency | — | proposed | critical infrastructure | |
| South Africa | Information Regulator of South Africa | — | in_force | cross-sector | |
| Singapore | Cyber Security Agency of Singapore | — | in_force | cross-sector | |
| China | Cyberspace Administration of China | — | amended | cross-sector | |
| European Union | European Banking Authority | — | in_force | financial | |
| European Union | European Union Agency for Cybersecurity | — | in_force | cross-sector | |
| Saudi Arabia | National Cybersecurity Authority | — | in_force | cross-sector | |
| United Arab Emirates | Telecommunications and Digital Government Regulatory Authority | — | in_force | cross-sector | |
| United States (Federal) | Office of Management and Budget | — | in_force | government | |
| United States (Federal) | Federal Trade Commission | — | in_force | financial | |
| United States (Federal) | Department of Health and Human Services | — | in_force | healthcare | |
| India | Indian Computer Emergency Response Team | — | in_force | cross-sector | |
| United Kingdom | National Cyber Security Centre | — | in_force | cross-sector | |
| New York | New York Department of Financial Services | — | in_force | financial | |
| United Kingdom | National Cyber Security Centre | — | in_force | technology | |
| European Union | European Union Agency for Cybersecurity | — | in_force | technology | |
| Brazil | Banco Central do Brasil | — | in_force | financial | |
| United States (Federal) | Securities and Exchange Commission | — | in_force | financial | |
| Australia | Australian Signals Directorate | — | in_force | critical infrastructure | |