← Back to catalog
SI-14(2)
Non-persistent Information
System and Information Integrity (SI)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
[assignment] ; and Delete information when no longer needed.
Discussion
Retaining information longer than is needed makes the information a potential target for advanced adversaries searching for high value assets to compromise through unauthorized disclosure, unauthorized modification, or exfiltration. For system-related information, unnecessary retention provides advanced adversaries information that can assist in their reconnaissance and lateral movement through the system.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.