AU-13: Monitoring for Information Disclosure
From NIST's SP800-53:
a. Monitor [Assignment: organization-defined open-source information and/or information sites] [Assignment: organization-defined frequency] for evidence of unauthorized disclosure of organizational information; and b. If an information disclosure is discovered: 1. Notify [Assignment: organization-defined personnel or roles]; and 2. Take the following additional actions: [Assignment: organization-defined additional actions].
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
SP800-53 Control Mapped to NIST Cyber Security Framework
Generated from NISTs SP800-53/CSF Crosswalk mappings.
| Control ID | Description |
|---|---|
| DE.CM-3 | Personnel activity is monitored to detect potential cybersecurity events |