"State entities must ensure that they abide by this standard and have all required capabilities," the Statewide Information Management Manual 5355-A reads.
All departments will be required to fill in the holes of their systems, even if their platforms do some of what the requirement outlines.
The release was addressed to all chief information officers, information security officers and agency information officers. The standard requires minimum endpoint protection as outlined in SIMM 5355-A. The SIMM includes prescriptions for:
- Detection and protection capabilities
- Investigative support capabilities
- Containment capabilities
- Remediation capabilities