CMMC 1.0 Practice SI.1.210 Requirement:
Identify, report, and correct information and information system flaws in a timely manner.
CMMC 1.0 SI.1.210 Requirement Explanation:
Information system flaws generally refer to security vulnerabilities in software and operating systems. Hackers can exploit software vulnerabilities to access your systems and data. Install software security updates to remediate vulnerabilities.
Example CMMC 1.0 SI.1.210 Implementation:
Identify your systems that are missing security updates. This includes your workstations, servers, and network devices. Install the missing updates onto the identified systems. Going forward, install security updates when they released. It is always a good idea to test updates before deploying them to all your systems.
CMMC 1.0 SI.1.210 Scenario(s):
- Scenario 1:
A hacker announced that he discovered a vulnerability in Microsoft Windows 10. Several days later Microsoft released a Windows security update to remediate the vulnerability. Alice installs the security updates on her Windows 10 systems. Alice's systems can not be exploited by the new vulnerability.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.