CMMC Practice AC.1.004: Control information posted or processed on publicly accessible information systems.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
Do not allow sensitive information, including Federal Contract Information (FCI), which may include CUI, to become public. It is important to know which users/employees are allowed to publish information on publicly accessible systems, like your company website. Limit and control information that is posted on your company’s website(s) that can be accessed by the public.