NIST 800-53 REV 5 • AWARENESS AND TRAINING

AT-2(6) Cyber Threat Environment

Provide literacy training on the cyber threat environment; and reflect current cyber threat information in system operations.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Since threats continue to change over time, threat literacy training by the organization is dynamic. Moreover, threat literacy training is not performed in isolation from the system operations that support organizational mission and business functions.

Practitioner Notes

Keep people informed about the current cyber threat environment. Threats evolve, and training should evolve with them.

Example 1: Subscribe to CISA alerts, US-CERT advisories, and the FBI InfraGard program. When a relevant advisory is released (like a new phishing campaign targeting defense contractors), send a brief all-hands email summarizing the threat and what to watch for.

Example 2: Create a monthly security newsletter using a simple email template. Include a "Threat of the Month" section, a recent incident lesson, a security tip, and recognition for employees who reported suspicious activity. Keep it short — under 500 words — so people actually read it.