Provide literacy training on the cyber threat environment; and Reflect current cyber threat information in system operations.
(a) Provide literacy training on the cyber threat environment; and
(b) Reflect current cyber threat information in system operations.
Since threats continue to change over time, threat literacy training by the organization is dynamic. Moreover, threat literacy training is not performed in isolation from the system operations that support organizational mission and business functions.