{"description": "ICS techniques mitigated by Encrypt Sensitive Information, ATT&CK mitigation M0941 (v1.0)", "name": "Encrypt Sensitive Information (M0941)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0811", "comment": "Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. (Citation: Keith Stouffer May 2015) (Citation: National Institute of Standards and Technology April 2013)\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0893", "comment": "Information which is sensitive to the operation and architecture of the process environment may be encrypted to ensure confidentiality and restrict access to only those who need to know. (Citation: Keith Stouffer May 2015) (Citation: National Institute of Standards and Technology April 2013)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0839", "comment": "The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0873", "comment": "When at rest, project files should be encrypted to prevent unauthorized changes. (Citation: National Institute of Standards and Technology April 2013)\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0857", "comment": "The encryption of firmware should be considered to prevent adversaries from identifying possible vulnerabilities within the firmware.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0882", "comment": "Encrypt any operational data with strong confidentiality requirements, including organizational trade-secrets, recipes, and other intellectual property (IP).\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0864", "comment": "Consider implementing full disk encryption, especially if engineering workstations are transient assets that are more likely to be lost, stolen, or tampered with. (Citation: National Institute of Standards and Technology April 2013)\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Encrypt Sensitive Information", "color": "#66b1ff"}]}