CMMC 1.0 Practice IR.2.097 Requirement:
Perform root cause analysis on incidents to determine underlying causes.
CMMC 1.0 IR.2.097 Requirement Explanation:
Incidents offer valuable learning opportunities for improving your security posture. In most cases security incidents could have been prevented, you need to identify the security gaps that allowed the incident to occur.
Example CMMC 1.0 IR.2.097 Implementation:
After an incident is contained review it to identify how it happened and what can be done to prevent it from occurring again. This process should be documented and conducted by your incident response team with the input of relevant stakeholders.
CMMC 1.0 IR.2.097 Scenario(s):
- Scenario 1:
A user received a phishing email and clicked on the malicious link where he entered the user name and password to his account. As a result the attacker took control of the account. Thankfully your incident response team was able to regain control.
- Scenario 2:
Your incident response team conducted a root cause analysis and determined the cause of the incident to be a lack of user security awareness training. To prevent incident recurrence you decide to send security awareness emails to employees weekly and conducted phishing attack scenarios to prepare your users for similar attacks.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.