Back to Control Explorer
SA.3.169
Content
Control Acronym
SA
Family
Situational Awareness
CMMC Level
3
800-171 Control #
N/A
CMMC Description
Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.
CMMC Clarification
To enhance situational awareness activities within the organization, leverage external sources for cybersecurity threat information. Establish a relationship with external organizations, or periodically survey relevant sources, to ensure you are receiving up-todate threat intelligence information pertinent to your organization. Examples of sources include: US-CERT, various critical infrastructure sector ISACs, ICS-CERT, industry associations, vendors, and federal briefings. Threat information is reviewed and, if applicable to your organization, communicated to the appropriate stakeholders for action. Example You are in charge of IT operations for your company. Part of your role is to ensure you are aware of up-to-date cyber threat intelligence information so you can properly perform risk assessments and vulnerability analyses. To do this, you join a defense sector ISAC, and signup for alerts from US-CERT. You use information you receive from these external entities to update your threat profiles, vulnerability scans, and risk assessments. Also, you use these sources to gather best practices for informing your employees of potential threats and disseminate the information throughout your organization to the appropriate stakeholders.
800-171 Description
800-171 Discussion
N/A
Other Source Discussion
CMMC Establish relationships with external organizations to gather cyber threat intelligence information. Cyber threat information from external sources should inform situational awareness activities within the organization. Relevant external threat information is communicated to stakeholders within the organization for appropriate action if needed.
CIS Control References
NIST 800-53 Control Ref.
NIST SP 800-53 Rev 4 PM-16
CMMC Derived
CMMC
NIST CSF Control References
NIST 800-171 References
Applicable FAR Clause
NIST CSF Control Reference
NIST CSF v1.1 ID.RA-2
CERT RMM Reference
Modification of NIST 800-171B Reference
NIST 800-171B Reference
UK NCSCCyber Reference
AS ACSC Reference
Sub-Criterias
Assessment Sub-Criteria 1
SA.3.169.[a] the organization identifies cyber threat intelligence from information sharing forums and sources;
Assessment Sub-Criteria 2
SA.3.169.[b] the organization responds to cyber threat intelligence from information sharing forums and sources; and
Assessment Sub-Criteria 3
SA.3.169.[c] the organization communicates this information to appropriate stakeholders.