Skip to content
CMMC 2.13
CMMC · Rev 2.131FAMILY SI

SI.L1-b.1.xiii

Malicious Code Protection [FCI Data]

Requirement

Provide protection from malicious code at appropriate locations within organizational information systems.

Further discussion

Malicious code purposely performs unauthorized activity that undermines the security of an information system. A designated location may be a network device such as a firewall or an end user’s computer. Malicious code, which can be delivered by a range of means (e.g., email, removable media, or websites), includes the following: • Virus – program designed to cause damage, steal information, change data, send email, show messages, or any combination of these things; • Spyware – program designed to secretly gather information about a person’s activity; • Trojan Horse – type of malware made to look like legitimate software and used by cyber criminals to get access to a company’s systems; and • Ransomware – type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. Consider use of anti-malware tools to stop or lessen the impact of malicious code. Example Your company’s IT team is buying new computers and wants to protect your company’s information from viruses and spyware. The computers will be used to process, store, and transmit FCI. They research anti-malware products, select an appropriate solution, and deploy antivirus software on all hosts for which satisfactory antivirus software is available [a,b]. Potential Assessment Considerations • Are system components (e.g., workstations, servers, email gateways, mobile devices) for which malicious code protection must be provided identified and documented [a]?

Supporting controls

NIST 800-171 · Rev 21 mapped

Create a free account or log in to view the cross-referenced controls.

Implementation strategies

10 recommended strategies for this practice.

Create a free account or log in to view the implementation strategies.

Source: DoD CIO · https://dodcio.defense.gov/CMMC/