Protect sensitive data-at-rest with strong encryption.
Domain | ID | Name | Use | |
---|---|---|---|---|
ICS | T0811 | Data from Information Repositories |
Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. [1] [2] |
|
ICS | T0893 | Data from Local System |
Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. [1] [2] |
|
ICS | T0839 | Module Firmware |
The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware. |
|
ICS | T0873 | Project File Infection |
When at rest, project files should be encrypted to prevent unauthorized changes. [2] |
|
ICS | T0857 | System Firmware |
The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware. |
|
ICS | T0882 | Theft of Operational Information |
Encrypt any operational data with strong confidentiality requirements, including organizational trade-secrets, recipes, and other intellectual property (IP). |
|
ICS | T0864 | Transient Cyber Asset |
Consider implementing full disk encryption, especially if engineering workstations are transient assets that are more likely to be lost, stolen, or tampered with. [2] |