CMMC v2.0_SC.L2-3.13.2

CMMC v2.0



Employ architectural designs software development techniques and systems engineering principles that promote effective information security within organizational systems

Organizations apply systems security engineering principles to new development systems or systems undergoing major upgrades. For legacy systems organizations apply systems security engineering principles to system upgrades and modifications to the extent feasible given the current state of hardware software and firmware components within those systems. The application of systems security engineering concepts and principles helps to develop trustworthy secure and resilient systems and system components and reduce the susceptibility of organizations to disruptions hazards and threats. Examples of these concepts and principles include developing layered protections; establishing security policies architecture and controls as the foundation for design; incorporating security requirements into the system development life cycle; delineating physical and logical security boundaries; ensuring that developers are trained on how to build secure software; and performing threat modeling to identify use cases threat agents attack vectors and patterns design patterns and compensating controls needed to mitigate risk. Organizations that apply security engineering concepts and principles can facilitate the development of trustworthy secure systems system components and system services; reduce risk to acceptable levels; and make informed risk-management decisions.[SP 800-160-1] provides guidance on systems security engineering


Click here to Start your FREE trial today!

Explainer video


What is a Cybersecurity Compliance Framework?

You don’t need to clutter your security and privacy programs with an ever-increasing number of tools as they become more sophisticated. The Lionfish platform offers a one-stop solution to track progress and monitor any framework, from custom-built ones to highly-specialized and in-demand top security and privacy frameworks and certifications.

With the Lionfish platform, every framework is supported with guided scoping, policies, controls, automated evidence collection, and continuous monitoring, ensuring efficient preparation for audits or attestation in minimal time.

The Lionfish platform is compatible with a wide range of security and privacy frameworks, including:

Click here to Start your FREE trial today!

Explainer video