This control requires organizations to protect Controlled Unclassified Information (CUI) when it is stored, whether on servers, laptops, external drives, or other digital media. The most common and recommended method is encryption using FIPS-validated cryptography.
Read the full blog breakdown of 3.13.9