Awareness & Training (AT): Building a Security-First Workforce

All three controls are listed below.


3.2.1

Ensure that managers, systems administrators, and users are trained on the security risks associated with their roles and activities through recurring, role-specific security awareness programs based on organizational policies and current threat intelligence.

NIST 800-171 Control Identifier: 3.2.1
CMMC Control Identifier: AT.L2-3.2.1
Control CMMC Level: 2
Basic or Derived Security: Basic

Relevant NIST SP 800-53 R5

AT-2: Security Awareness Training

AT-3: Role-Based Security Training

Recommended Microsoft Licensing

Microsoft 365 E5 with GCC High

(includes Defender for Office 365 Plan 2 with Attack Simulation Training and behavior-driven awareness campaigns)

3.2.2

Ensure personnel receive role-specific training aligned to their security responsibilities. Training should be recurring, scenario-based, and reflect current threats relevant to their duties.

NIST 800-171 Control Identifier: 3.2.2
CMMC Control Identifier: AT.L2-3.2.2
Control CMMC Level: 2
Basic or Derived Security: Basic

Relevant NIST SP 800-53 R5

AT-2: Security Awareness Training

AT-3: Role-Based Security Training

Recommended Microsoft Licensing

Microsoft 365 E5 with GCC High

(includes Defender for Office 365 Plan 2 with role-based attack simulations and training automation)

3.2.3

Provide security awareness training on recognizing potential indicators of insider threat and reporting them through proper channels. Training should include real-world scenarios, communication red flags, and organizational escalation procedures.

NIST 800-171 Control Identifier: 3.2.3
CMMC Control Identifier: AT.L2-3.2.3
Control CMMC Level: 2
Basic or Derived Security: Derived

Relevant NIST SP 800-53 R5

AT-2 (2): Security Awareness Training - Insider Threat

Recommended Microsoft Licensing

Microsoft 365 E5 with GCC High

(includes Attack Simulation Training in Defender for Office 365 P2, Insider Risk Management, and Communication Compliance for early detection and reinforcement of training)
