AU-13(3)

  • Requirement

    Employ discovery techniques, processes, and tools to determine if external entities are replicating organizational information in an unauthorized manner.

  • Discussion

    The unauthorized use or replication of organizational information by external entities can cause adverse impacts on organizational operations and assets, including damage to reputation. Such activity can include the replication of an organizational website by an adversary or hostile threat actor who attempts to impersonate the web-hosting organization. Discovery tools, techniques, and processes used to determine if external entities are replicating organizational information in an unauthorized manner include scanning external websites, monitoring social media, and training staff to recognize the unauthorized use of organizational information.

More Info

  • Title

    Monitoring for Information Disclosure | Unauthorized Replication of Information
  • Family

    Audit and Accountability
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!