Back

Communicate threat intelligence to interested personnel and affected parties.


CONTROL ID
14016
CONTROL TYPE
Communicate
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a Technical Surveillance Countermeasures program., CC ID: 11401

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • engage with stakeholders (including Government, industry participants and customers) regarding threats and countermeasures, as appropriate; (39(b)., APRA Prudential Practice Guide CPG 234 Information Security, June 2019)
  • Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness. (RS.CO-5, CRI Profile, v1.2)
  • Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders. (SA.3.169, Cybersecurity Maturity Model Certification, Version 1.0, Level 3)
  • Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders. (SA.3.169, Cybersecurity Maturity Model Certification, Version 1.0, Level 4)
  • Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders. (SA.3.169, Cybersecurity Maturity Model Certification, Version 1.0, Level 5)
  • Serve as a central clearinghouse for all reported intrusion incidents, security alerts, bulletins, and other security-related material. (§ 5.3.1.1.1 ¶ 1 (2), Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.8, Version 5.8)
  • Serve as a central clearinghouse for all reported intrusion incidents, security alerts, bulletins, and other security-related material. (§ 5.3.1.1.1 ¶ 1 2., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers. (T0698, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
  • Monitor operational environment and report on adversarial activities which fulfill leadership's priority information requirements. (T0752, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
  • The threat context identifies threat sources, threat events, and threat scenarios of concern for the system of interest. In particular, the threat context helps to identify the characteristics and behaviors of adversaries whose attacks would necessarily undermine the system's ability to execute or s… (3.2.1.4 ¶ 1, NIST SP 800-160, Developing Cyber-Resilient Systems: A Systems Security Engineering Approach, Volume 2, Revision 1)
  • Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers. (T0698, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Monitor operational environment and report on adversarial activities which fulfill leadership's priority information requirements. (T0752, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Provide time sensitive targeting support. (T0799, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Brief threat and/or target current situations. (T0593, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Provide input to or develop courses of action based on threat factors. (T0728, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Collaborate with intelligence analysts/targeting organizations involved in related areas. (T0597, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Incorporates the results from malicious code analysis into organizational incident response and flaw remediation processes. (SI-3(10)(b), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Incorporate the results from malicious code analysis into organizational incident response and flaw remediation processes. (SI-3(10)(b), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Incorporate the results from malicious code analysis into organizational incident response and flaw remediation processes. (SI-3(10)(b), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)