CCC.Core.F02: Encryption at Rest Enabled by Default
Capability ID:CCC.Core.F02
Title:Encryption at Rest Enabled by Default
Description:The service automatically encrypts all data using industry-standard
cryptographic protocols prior to being written to a storage medium.
Mapped Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.GenAI.TH02 | Data Poisoning | Data poisoning occurs when training, fine-tuning or embedding data is tampered with in order to modify the model's behaviour, for example steering it towards specific outputs, degrading performance or introducing backdoors. | 4 | 1 | 0 |
| CCC.GenAI.TH03 | Sensitive Information Disclosure | Sensitive data can be memorised by the model from user interaction or training and may then be leaked to unintended and unauthorised parties by querying the model, for example through crafted prompts. | 4 | 1 | 0 |