AU-13(3): Unauthorized Replication of Information

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

Employ discovery techniques, processes, and tools to determine if external entities are replicating organizational information in an unauthorized manner.

Supplemental Guidance

The unauthorized use or replication of organizational information by external entities can cause adverse impacts on organizational operations and assets, including damage to reputation. Such activity can include the replication of an organizational website by an adversary or hostile threat actor who attempts to impersonate the web-hosting organization. Discovery tools, techniques, and processes used to determine if external entities are replicating organizational information in an unauthorized manner include scanning external websites, monitoring social media, and training staff to recognize the unauthorized use of organizational information.