CMMC 1.0 Practice SA.3.169 Requirement:

Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

CMMC 1.0 SA.3.169 Requirement Explanation:

The objective is for your company to remain aware of the latest cyber threats and determine if they apply to your company.

Example CMMC 1.0 SA.3.169 Implementation:

Sign up for the US-CERTS alerts. This will provide you with "cyber threat intelligence" by informing you of vulnerabilities and security threats. If the vulnerabilities and threats apply to your company you can take action to protect yourself. Communicate these vulnerabilities and threats to relevant persons in your company.

CMMC 1.0 SA.3.169 Scenario(s):

- Scenario 1:

Your signed up for the US-CERT mailing list, providing you with alerts on the latest threats and vulnerabilities. In one of the emails you receive an alert on a critical vulnerability impacting Window 10 systems. The alert also provides guidance on how to patch the vulnerability. You provide this information to your IT team so that they can act on it and patch your Windows 10 systems.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.