CMMC 1.0 Practice SA.3.169 Requirement:
Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.
CMMC 1.0 SA.3.169 Requirement Explanation:
The objective is for your company to remain aware of the latest cyber threats and determine if they apply to your company.
Example CMMC 1.0 SA.3.169 Implementation:
Sign up for the US-CERTS alerts. This will provide you with "cyber threat intelligence" by informing you of vulnerabilities and security threats. If the vulnerabilities and threats apply to your company you can take action to protect yourself. Communicate these vulnerabilities and threats to relevant persons in your company.
CMMC 1.0 SA.3.169 Scenario(s):
- Scenario 1:
Your signed up for the US-CERT mailing list, providing you with alerts on the latest threats and vulnerabilities. In one of the emails you receive an alert on a critical vulnerability impacting Window 10 systems. The alert also provides guidance on how to patch the vulnerability. You provide this information to your IT team so that they can act on it and patch your Windows 10 systems.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.