Measure: CryptographicProcesses


Implementation of cryptographic processes. Thus any relevant data is encrypted and therfore unreadable for an attacker. The aim is to ensure that any attacker getting access to sensitive data cannot read the data due to its encryption.


Additionally to the data encryption, the possibility of encrypting also communication connections should be checked in dependence on the necessary effort for encryption and its practicability. The source and integrity of used cryptographic keys should also be checked. The keys should be changed in a sufficient frequency. Encryptions can be realized for transferred data (wireless connections, wires, mobile storage devices) and for data stored on servers, clients, mobile devices or similar.

Event type

Risk reduction mechanism

Threat Types

Action characteristics

event_ measures