← Back to catalog
SI-14(2)

Non-persistent Information

System and Information Integrity (SI)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

[assignment] ; and Delete information when no longer needed.

Discussion

Retaining information longer than is needed makes the information a potential target for advanced adversaries searching for high value assets to compromise through unauthorized disclosure, unauthorized modification, or exfiltration. For system-related information, unnecessary retention provides advanced adversaries information that can assist in their reconnaissance and lateral movement through the system.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.