CCC.Core.TH06: Data is Lost or Corrupted
Threat ID:CCC.Core.TH06
Title:Data is Lost or Corrupted
Description:
Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of.
External Mappings
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.AuditLog.C01 | Implement Digital Signatures With Hash Chaining | Digital signatures allows for external verification of log data tampering and hash chaining allows for deleted log files to be detected. | Integrity | 2 | 2 | 2 |
| CCC.AuditLog.C02 | Enable And Validate All Audit Log Types | Review audit log configuration and ensure that all audit log types are being generated and replicated to configured sinks | Integrity | 1 | 4 | 1 |
| CCC.AuditLog.C06 | Enforce Retention Policy on Audit Log Bucket | Configure a custom retention policy on the designated audit log bucket to ensure that logs are retained for the correct number of days as defined by your organization's policy. | Availability | 2 | 3 | 1 |
| CCC.AuditLog.C07 | Enforce MFA Delete on Audit Log Bucket | Enable Multi-Factor Authentication (MFA) delete on the audit log bucket to provide greater protection against accidental or malicious deletion of audit data. | Availability | 2 | 3 | 1 |
| CCC.Core.C08 | Replicate Data to Multiple Locations | Ensure that data is replicated across multiple physical locations to protect against data loss due to hardware failures, natural disasters, or other catastrophic events. | Data | 1 | 6 | 2 |