SA.3.169 Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

CMMC Practice SA.3.169: Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

Links to Publicly Available Resources

CMMC CLARIFICATION (Ref CMMC – Appendix B)

To enhance situational awareness activities within the organization, leverage external sources for cybersecurity threat information. Establish a relationship with external organizations, or periodically survey relevant sources, to ensure you are receiving up-to-date threat intelligence information pertinent to your organization. Examples of sources include: US-CERT, various critical infrastructure sector ISACs, ICS-CERT, industry associations, vendors, and federal briefings.

Threat information is reviewed and, if applicable to your organization, communicated to the appropriate stakeholders for action.