CMMC Practice RM.4.149: Catalog and periodically update threat profiles and adversary TTPs.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
This practice enables organizations to proactively increase their ability to include the adversary perspective in their cybersecurity planning and incident response. Organizations should know that setting up a security perimeter around their enterprise is no longer enough to keep that enterprise protected against the adversaries of today. Understanding the adversaries TTPs, and documenting how these techniques could be used against an organization is one of the first steps needed in order to keep the adversaries at bay. If an adversary gains access to an organization’s enterprise, knowledge of their actions, what their standard operating procedures are, and what they may be going after can be a key part in eradicating them from your enterprise. See practice IR.4.100 for use of this information.