NIST CSF: PR.PT-2 Subcategory

From NIST's Cyber Security Framework (version 1):

Removable media is protected and its use restricted according to policy

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Node
MP-5: Media Transport
MP-4: Media Storage
MP-3: Media Marking
MP-8: Media Downgrading
MP-2: Media Access
MP-7: Media Use

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

  • Physical media transfer (8.3.3)
    ISO 27001:2013
  • Handling of assets (8.2.3)
    ISO 27001:2013
  • Management of removable media (8.3.1)
    ISO 27001:2013
  • Labelling of information (8.2.2)
    ISO 27001:2013
  • Classification of information (8.2.1)
    ISO 27001:2013
  • Clear desk and clear screen policy (11.2.9)
    ISO 27001:2013

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

  • Use control for portable and mobile devices (SR 2.3)
    ISA/IEC 62443-3-3:2013

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against. This is based on mappings to associated SP800-53 controls.

ATT&CK ID Title Associated Tactics
T1052 Exfiltration Over Physical Medium Exfiltration
T1091 Replication Through Removable Media Initial Access, Lateral Movement
T1052.001 Exfiltration over USB Exfiltration
T1025 Data from Removable Media Collection
T1092 Communication Through Removable Media Command and Control
T1200 Hardware Additions Initial Access

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Control ID Name Description
B3.c Stored Data You have protected stored data important to the operation of the essential function.
B3.e Media Equipment Sanitisation You appropriately sanitise media and equipment holding data important to the operation of the essential function.
B3.a Understanding Data You have a good understanding of data important to the operation of the essential function, where it is stored, where it travels and how unavailability or unauthorised access, modification or deletion would adversely impact the essential function. This also applies to third parties storing or accessing data important to the operation of essential functions.
B3.d Mobile Data You have protected data important to the operation of the essential function on mobile devices.