Back

Install and protect network cabling.


CONTROL ID
08624
CONTROL TYPE
Physical and Environmental Protection
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a physical security program., CC ID: 11757

This Control has the following implementation support Control(s):
  • Control physical access to network cables., CC ID: 00723
  • Install and protect fiber optic cable, as necessary., CC ID: 08625
  • Install network cable in a way that allows ease of inspecting., CC ID: 08626
  • Establish and maintain security classifications for network cabling., CC ID: 08627
  • Label each end of a network cable run., CC ID: 08632
  • Terminate approved network cables on the patch panel., CC ID: 08633
  • Color code cables in accordance with organizational standards., CC ID: 16422
  • Establish and maintain documentation for network cabling schemes., CC ID: 08641
  • Prevent installing network cabling inside walls shared with third parties., CC ID: 08648
  • Install network cabling specifically for maintenance purposes., CC ID: 10613


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Cables are likely to catch fire from any excess current, a fire in the neighborhood, or other sources. Should cables ignite, they can burst into flames and produce corrosive combustion gases. In addition, due to smoke and toxic gases from the cables, secondary damage could spread to those areas free… (F40.1., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • For telecommunications lines and power cables laid in the premises of the head offices and branch offices, it is recommended to implement proper precautions against wire breakage and fire spreading due to underground laying of gas/water pipes, installation of overhead lines, intrusion from outside, … (F84.1., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • In any case where it is difficult to protect the line-related systems with proper locks, proper precautions should be implemented, such as shielding the line-related systems and relocating the line-related systems to a proper location less exposed to unauthorized access. (F105.2., FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • For installation of telecommunications lines and power cables, it is recommended to make prior consultation with the telephone company or electric utility responsible for the lead-in work to implement proper precautions against wire breakage and fire spreading. (F84.2. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • Cables from cable trays to wall outlet boxes are run in flexible or plastic conduit. (Security Control: 1115; Revision: 4, Australian Government Information Security Manual, March 2021)
  • Cabling infrastructure is installed in accordance with relevant Australian Standards, as directed by the Australian Communications and Media Authority. (Security Control: 0181; Revision: 3, Australian Government Information Security Manual, March 2021)
  • Cabling infrastructure is installed in accordance with relevant Australian Standards, as directed by the Australian Communications and Media Authority. (Control: ISM-0181; Revision: 3, Australian Government Information Security Manual, June 2023)
  • Cabling infrastructure is installed in accordance with relevant Australian Standards, as directed by the Australian Communications and Media Authority. (Control: ISM-0181; Revision: 3, Australian Government Information Security Manual, September 2023)
  • The organization must install cabling in accordance with australian standards as directed by the australian communications and media authority. (Control: 0181, Australian Government Information Security Manual: Controls)
  • Protection includes safeguards (e.g., acoustic, electric, electromagnetic, and physical) and if feasible countermeasures (e.g., alarms, notifications) to permit its use for the transmission of unencrypted information through an area of lesser classification or control. (§ 5.10.1.2.1 ¶ 1 ¶ 1 2.d., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • The agency owns, operates, manages, or protects the medium. (§ 5.10.1.2.1 ¶ 1 ¶ 1 2.a., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Cabling design and implementation for the control network should be addressed in the cybersecurity plan. Unshielded twisted pair communications cable, while acceptable for the office environment, is generally not suitable for the plant environment due to its susceptibility to interference from magne… (§ 6.2.11.3 ICS-specific Recommendations and Guidance ¶ 1, Guide to Industrial Control Systems (ICS) Security, Revision 2)