Filter

Awareness and Training (AT)

Provide security awareness training on recognizing and reporting potential indicators of insider threat.


Login

Awareness and Training (AT)

Provide awareness training upon initial hire, following a significant cyber event, and at least annually, focused on recognizing and responding to threats from social engineering, advanced persistent threat actors, breaches, and suspicious behaviors; update the training at least annually or when there are significant changes to the threat.


Login

Awareness and Training (AT)

Include practical exercises in awareness training for all users, tailored by roles, to include general users, users with specialized roles, and privileged users, that are aligned with current threat scenarios and provide feedback to individuals involved in the training and their supervisors.


Login

Audit and Accountability (AU)

Level 2

Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.


Login

Audit and Accountability (AU)

Ensure that the actions of individual system users, can be uniquely traced to those users so they can be held accountable for their actions.


Login

Audit and Accountability (AU)

Level 2

Review and update logged events.


Login

Audit and Accountability (AU)

Alert in the event of an audit logging process failure.


Login

Audit and Accountability (AU)

Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.


Login

Audit and Accountability (AU)

Provide audit record reduction and report generation to support on-demand analysis and reporting.


Login

Audit and Accountability (AU)

Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.


Login