AU-13: Monitoring for Information Disclosure

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:

Baselines:

  • Low

    N/A

  • Moderate

    N/A

  • High

    N/A

  • Privacy

    N/A

Previous Version:

Control Statement

  1. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and
  2. If an information disclosure is discovered:
    1. Notify [Assignment: organization-defined personnel or roles]; and
    2. Take the following additional actions: [Assignment: organization-defined additional actions].

Supplemental Guidance

Unauthorized disclosure of information is a form of data leakage. Open-source information includes social networking sites and code-sharing platforms and repositories. Examples of organizational information include personally identifiable information retained by the organization or proprietary information generated by the organization.

Control Enhancements

AU-13(1): Use of Automated Tools

Baseline(s):

(Not part of any baseline)

Monitor open-source information and information sites using [Assignment: organization-defined automated mechanisms].
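An added illustration of what an "organization-defined automated mechanism" for this enhancement can look like in practice; this is example code written for this page, not part of NIST SP 800-53 or any particular tool. It assumes a monitoring job has already fetched text from the monitored sites (the fetch step is out of scope) and that the organization has defined its own markers of organizational information: here a hypothetical `example.org` mail domain, a `.corp.example.org` internal hostname suffix, a document classification marking, and a long-lived access-key shape. All sample content is constructed. Matches are partially redacted in the findings so the notification sent to the organization-defined personnel does not itself become a second disclosure.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple

# Organization-defined markers of organizational information.
# These values are hypothetical and stand in for whatever the organization
# assigns under AU-13 (its own domains, hostnames, markings, key formats).
ORG_MARKERS: Dict[str, re.Pattern] = {
    "email_domain": re.compile(r"\b[\w.+-]+@example\.org\b", re.I),
    "internal_host": re.compile(r"\b[\w-]+\.corp\.example\.org\b", re.I),
    "classification_marking": re.compile(r"\bEXAMPLE-ORG (?:CONFIDENTIAL|INTERNAL ONLY)\b"),
    # Shape of an AWS-style long-lived access key ID; flagged for human triage.
    "access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}


@dataclass(frozen=True)
class Finding:
    site: str          # monitored site (organization-defined list)
    location: str      # page, repository path, post id, etc. within the site
    line_no: int
    category: str      # which marker matched
    evidence: str      # partially redacted match, safe to put in a notification


def redact(match: str) -> str:
    """Keep the first and last four characters for triage, mask the middle."""
    if len(match) <= 8:
        return match[:2] + "*" * (len(match) - 2)
    return match[:4] + "*" * (len(match) - 8) + match[-4:]


def scan_text(site: str, location: str, text: str,
              markers: Dict[str, re.Pattern] = ORG_MARKERS) -> List[Finding]:
    """Run every marker over every line of one retrieved document."""
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for category, pattern in markers.items():
            for m in pattern.finditer(line):
                findings.append(Finding(site, location, line_no, category, redact(m.group(0))))
    return findings


def scan_sources(sources: Iterable[Tuple[str, str, str]],
                 markers: Dict[str, re.Pattern] = ORG_MARKERS) -> List[Finding]:
    """sources: (site, location, text) tuples already fetched by the monitoring job."""
    out: List[Finding] = []
    for site, location, text in sources:
        out.extend(scan_text(site, location, text, markers))
    return out


def build_notification(findings: List[Finding], recipients: Iterable[str]) -> dict:
    """Group findings per site/location for the organization-defined personnel or roles."""
    by_location: Dict[str, List[Finding]] = {}
    for f in findings:
        by_location.setdefault(f"{f.site}:{f.location}", []).append(f)
    return {
        "recipients": list(recipients),
        "disclosure_count": len(findings),
        "locations": {
            key: [(f.line_no, f.category, f.evidence) for f in group]
            for key, group in by_location.items()
        },
    }


# Constructed sample content standing in for pages retrieved from monitored sites.
SAMPLE_SOURCES = [
    ("code-sharing-platform", "someuser/build-scripts/deploy.sh",
     "#!/bin/sh\n"
     "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"   # AWS's documented example key ID
     "scp build.tgz deploy@ci01.corp.example.org:/srv\n"),
    ("social-network", "post/12345",
     "Great week at the conference, reach me at jane.doe@example.org\n"),
    ("paste-site", "p/abc",
     "nothing to see here\n"),
    ("paste-site", "p/def",
     "EXAMPLE-ORG CONFIDENTIAL - draft Q3 pricing\n"),
]

if __name__ == "__main__":
    found = scan_sources(SAMPLE_SOURCES)
    for f in found:
        print(f)
    print(build_notification(found, ["security-ops@example.org"]))
```

The marker set is the part an organization actually tunes: a credential pattern alone misses disclosures of PII or proprietary material, while an internal-hostname or classification-marking pattern catches those without needing to know the secret in advance. Findings are kept per line and per location so the "additional actions" step of the control (takedown request, credential rotation, incident ticket) can reference exactly where the material appeared.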

AU-13(2): Review of Monitored Sites

Baseline(s):

(Not part of any baseline)

Review the list of open-source information sites being monitored [Assignment: organization-defined frequency].