THR-08: Tainting | Find Controls

THR-08 · Tainting

Control Description

Mechanisms exist to embed false data or steganographic data in files to enable the organization to determine if data has been exfiltrated and provide a means to identify the individual(s) involved.

Control Question

Assessment question for control validation

Does the organization embed false data or steganographic data in files to enable the organization to determine if data has been exfiltrated and provide a means to identify the individual(s) involved?

Control Weighting

Validation Cadence

Annual

NIST CSF Function

Detect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 1 - Strategic

Tier 2 - Operational

Tier 3 - Tactical

Additional Metadata

Applicability (Process):