Essential Cybersecurity Controls (ECC – 2 : 2024) - Cybersecurity Incident And Threat Management; Documentation and Requirements - Lake Ridge

Compliance Solutions

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
Learn More

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
Learn More

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
Learn More

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.
Learn More
About
Contact

Login

Essential Cybersecurity Controls (ECC – 2 : 2024) - 2-13-1

Requirements For Cybersecurity Incidents And Threat Management Must Be Defined, Documented And Approved.

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 2-13-2

The Requirements For Cybersecurity Incidents And Threat Management Must Be Implemented.

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 2-13-3

The requirements for cybersecurity incidents and threat management must include at least the following:

Cybersecurity incident response plans and escalation procedures.
Cybersecurity incidents classification.
Cybersecurity incidents reporting to NCA
Sharing incidents notifications, threat intelligence, breach indicators and reports with NCA.
Collecting and handling threat intelligence feeds.

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 2-13-4

The Requirements For Cybersecurity Incidents And Threat Management Must Be Reviewed Periodically.

View Requirement