SC-8(1): Cryptographic Or Alternate Physical Protection

Control Family:

System And Communications Protection

Parent Control:

SC-8: Transmission Confidentiality And Integrity

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

Threats Addressed:

Baselines:

Moderate
High

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-8(1): Cryptographic Protection

Control Statement

The information system implements cryptographic mechanisms to [Selection (one or more): prevent unauthorized disclosure of information; detect changes to information] during transmission unless otherwise protected by [Assignment: organization-defined alternative physical safeguards].

Supplemental Guidance

Encrypting information for transmission protects information from unauthorized disclosure and modification. Cryptographic mechanisms implemented to protect information integrity include, for example, cryptographic hash functions which have common application in digital signatures, checksums, and message authentication codes. Alternative physical security safeguards include, for example, protected distribution systems.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 8

Critical Security Controls Version 7.1