CMMC 1.0 Practice SA.3.169 Requirement:

Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

CMMC 1.0 SA.3.169 Requirement Explanation:

The objective is for your company to remain aware of the latest cyber threats and determine if they apply to your company.

Example CMMC 1.0 SA.3.169 Implementation:

Sign up for the US-CERTS alerts. This will provide you with "cyber threat intelligence" by informing you of vulnerabilities and security threats. If the vulnerabilities and threats apply to your company you can take action to protect yourself. Communicate these vulnerabilities and threats to relevant persons in your company.

CMMC 1.0 SA.3.169 Scenario(s):

- Scenario 1:

Your signed up for the US-CERT mailing list, providing you with alerts on the latest threats and vulnerabilities. In one of the emails you receive an alert on a critical vulnerability impacting Window 10 systems. The alert also provides guidance on how to patch the vulnerability. You provide this information to your IT team so that they can act on it and patch your Windows 10 systems.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.