SC-7(9): Restrict Threatening Outgoing Communications Traffic

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Next Version:

Control Statement

The information system:

  1. Detects and denies outgoing communications traffic posing a threat to external information systems; and
  2. Audits the identity of internal users associated with denied communications.

Supplemental Guidance

Detecting outgoing communications traffic from internal actions that may pose threats to external information systems is sometimes termed extrusion detection. Extrusion detection at information system boundaries as part of managed interfaces includes the analysis of incoming and outgoing communications traffic searching for indications of internal threats to the security of external systems. Such threats include, for example, traffic indicative of denial of service attacks and traffic containing malicious code.