Protect sensitive data-at-rest with strong encryption.
Techniques Addressed by Mitigation
| Domain |
ID |
Name |
Use |
| ics |
T0811 |
Data from Information Repositories |
Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. |
|
|
|
|
| ics |
T0893 |
Data from Local System |
Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. |
| ics |
T0839 |
Module Firmware |
The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware. |
|
|
|
|
| ics |
T0873 |
Project File Infection |
When at rest, project files should be encrypted to prevent unauthorized changes. |
|
|
|
|
| ics |
T0857 |
System Firmware |
The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware. |
|
|
|
|
| ics |
T0882 |
Theft of Operational Information |
Encrypt any operational data with strong confidentiality requirements, including organizational trade-secrets, recipes, and other intellectual property (IP). |
|
|
|
|
| ics |
T0864 |
Transient Cyber Asset |
Consider implementing full disk encryption, especially if engineering workstations are transient assets that are more likely to be lost, stolen, or tampered with. |
|
|
|
|
References