Department of Defense (DoD) contractors must adhere to the cybersecurity standards outlined in the Cybersecurity Maturity Model Certification (CMMC) framework. The CMMC provides increased assurance to the DoD that organizations operating in the Defense Industrial Base (DIB) sector will safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). As part of the CMMC standards, organizations must implement and update their antivirus software.
The Best Antivirus Software for DoD Contractors and the CMMC
The CMMC framework comprises 171 practices split into 17 domains. Three practices nested under the System and Information Integrity (SI) domain specifically pertain to contractors’ antivirus software as part of their cybersecurity efforts:
- SI.1.211 – Provide protection from malicious code at appropriate locations within organizational information systems.
- SI.1.212 – Update malicious code protection mechanisms when new releases are available.
- SI.1.213 – Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
Installing antivirus software with configurations set to update regularly and run periodic scans will fulfill these required CMMC practices for performing basic cyber hygiene. The best antivirus software for DoD contractors will meet all three CMMC practices.
SI.1.211: Endpoint Protection
SI.1.211 requires that your organization has installed antivirus software on all endpoints, servers, and other applicable network locations. Your organization’s endpoints are all of the devices that remotely connect to your network.
Endpoints include commonly known items, such as workstation computers, laptops, phones, and Internet of Things (IoT) devices. However, endpoint security should also extend to network-connected devices such as USB drives, printers, and badge scanners.
A cybersecurity specialist such as RSI Security can enhance your endpoint protection and complement the antivirus software by conducting penetration testing, improving firewalls, and deploying patches to address any discovered vulnerabilities.
SI.1.212: Regular Updates
SI.1.212 requires that organizations update all installed instances of antivirus software. Configuring your antivirus software to update automatically upon new version releases will adhere to this CMMC practice. Updates provide the most recent signature databases, which your software uses to identify known indicators of malicious code.
The best antivirus software relies on current cyberthreat intelligence, so ensuring you’ve installed the most recent version is critical.
SI.1.213: Real-Time Scanning
SI.1.213 requires that DoD contractors periodically scan their entire IT environment for signs of malicious activity and that their antivirus software scans all files originating from outside their network (e.g., email attachments, PDF downloads). Note that the CMMC doesn’t define the frequency of periodic scans but specifies that externally originating files must be scanned in real time during download and during opening or execution.
Sophisticated antivirus and antimalware software can scan files and code and neutralize any detected malicious elements to prevent breach incidents even if your employees click on a file or link by mistake. Antivirus online scans for phishing and other threats should be configured for the strictest security settings.
Outsourced Antivirus Software and Additional Considerations
Outsourcing your antivirus protections to a managed security services provider (MSSP) offers the most straightforward method of implementing best-in-class antivirus protections. In addition, partnering with an MSSP will reduce management costs and reclaim significant bandwidth for your security team.
An MSSP should provide your organization with the following security measures as part of or complementary to their antivirus services:
- Managed detection and response
- Penetration testing and root cause analysis
- Firewalls and web filtering
As cybersecurity experts, your MSSP can also offer consultation and extensive security training for your employees to improve their cyberthreat awareness further. Whether outsourcing management or overseeing software implementations in-house, DoD contractors must restrict users from changing configurations that may affect automatic updates and periodic scanning.
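One way to check an endpoint inventory against SI.1.211, SI.1.212, and SI.1.213, including the restriction on users changing update and scan settings. This is an added example, not code from the original article or from the CMMC; the hosts, field names, and 7-day thresholds are assumptions (the CMMC does not define a scan frequency), and the inventory is constructed sample data.

```python
from collections import defaultdict
from datetime import date, timedelta

# Assumed policy values: CMMC does not define a scan or update interval.
MAX_SIGNATURE_AGE = timedelta(days=7)
MAX_SCAN_INTERVAL = timedelta(days=7)
TODAY = date(2024, 6, 1)  # constructed audit date
# Constructed inventory; hosts and field names are hypothetical.
INVENTORY = [
    {"host": "ws-001", "av_installed": True, "auto_update": True,
     "signatures": date(2024, 5, 30), "last_full_scan": date(2024, 5, 28),
     "realtime": True, "user_can_change": False},
    {"host": "srv-db1", "av_installed": True, "auto_update": False,
     "signatures": date(2024, 4, 2), "last_full_scan": date(2024, 5, 29),
     "realtime": True, "user_can_change": False},
    {"host": "lt-017", "av_installed": True, "auto_update": True,
     "signatures": date(2024, 5, 31), "last_full_scan": date(2024, 3, 15),
     "realtime": False, "user_can_change": True},
    {"host": "badge-rdr-2", "av_installed": False},
]

def audit(rec, today=TODAY):
    """Return {practice: [reasons]} for each practice the endpoint fails."""
    gaps = defaultdict(list)
    if not rec.get("av_installed"):
        for practice in ("SI.1.211", "SI.1.212", "SI.1.213"):
            gaps[practice].append("no malicious code protection installed")
        return dict(gaps)
    if not rec.get("auto_update"):
        gaps["SI.1.212"].append("automatic updates disabled")
    sig = rec.get("signatures")
    if sig is None or today - sig > MAX_SIGNATURE_AGE:
        gaps["SI.1.212"].append("signatures older than policy allows")
    scan = rec.get("last_full_scan")
    if scan is None or today - scan > MAX_SCAN_INTERVAL:
        gaps["SI.1.213"].append("periodic scan overdue")
    if not rec.get("realtime"):
        gaps["SI.1.213"].append("real-time scanning disabled")
    if rec.get("user_can_change"):
        # Users who can edit settings can undo updates and scheduled scans.
        gaps["SI.1.212"].append("users can change update settings")
        gaps["SI.1.213"].append("users can change scan settings")
    return dict(gaps)

def audit_inventory(inventory, today=TODAY):
    results = {rec["host"]: audit(rec, today) for rec in inventory}
    return {host: gaps for host, gaps in results.items() if gaps}

if __name__ == "__main__":
    print(audit_inventory(INVENTORY))
```

An endpoint with no agent is reported against all three practices, since updates and scans cannot happen without one.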
CMMC Levels for DoD Contractors
The CMMC measures cybersecurity maturity—demonstrated across its 171 practices—according to five Levels, but the framework can be confusing to understand. Note that the practices pertaining to antivirus software correlate to Level 1 maturity.
Each Level is indicative of implemented organizational “processes” and “practices.” Processes refer to an organization’s strategic approach to cybersecurity, and practices refer to the collective sophistication of its cyber hygiene. Each Level can also be characterized by FCI and CUI protections.
The Levels break down as follows:
- Level 1 – Level 1 focuses on safeguarding FCI with the practice of “Basic Cyber Hygiene.” The process for Level 1 is merely that cyber hygiene is “Performed.”
- Level 2 – Level 2 focuses on the transitional steps organizations take in preparation for securing CUI with the practice of “Intermediate Cyber Hygiene.” The process for Level 2 is that cyber hygiene efforts are “Documented.”
- Level 3 – Level 3 focuses on protecting CUI with the practice of “Good Cyber Hygiene.” The process for Level 3 is that cyber hygiene efforts are “Managed.”
- Level 4 – Level 4 focuses on protecting CUI and reducing the risk of Advanced Persistent Threats (APTs), demonstrated by adopting “Proactive” practices. The process for Level 4 is that organizations “Review” their cyber hygiene efforts to identify areas to improve.
- Level 5 – Level 5 focuses on protecting CUI and reducing the risk of Advanced Persistent Threats (APTs) as well, demonstrated by adopting “Advanced/Progressive” practices. The process for Level 5 is that organizations continually “optimize” their cyber hygiene efforts.
Implementing the Best Antivirus Software for DoD Contractors
The best antivirus protections that DoD contractors can implement must meet the CMMC’s practices specified in SI.1.211, SI.1.212, and SI.1.213. As an MSSP and compliance specialist, RSI Security can provide top-class antivirus software and outsourced services that meet DoD contractors’ CMMC needs.
Contact RSI Security today to learn more about CMMC-compliant antivirus software services.