3.11.3e

  • Requirement

    Employ advanced automation and analytics capabilities in support of analysts to predict and identify risks to organizations, systems, and system components.

  • Discussion

    A properly resourced Security Operations Center (SOC) or Computer Incident Response Team (CIRT) may be overwhelmed by the volume of information generated by the proliferation of security tools and appliances unless it employs advanced automation and analytics to analyze the data. Advanced automation and predictive analytics capabilities are typically supported by artificial intelligence concepts and machine learning. Examples include Automated Workflow Operations, Automated Threat Discovery and Response (which includes broad-based collection, context-based analysis, and adaptive response capabilities), and machine-assisted decision tools. [SP 800-30] provides guidance on risk assessments and risk analyses.

More Info

  • Family

    Risk Assessment
  • Protection Strategy

    • Damage-Limiting Operations

NIST 800-172A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!