Encryption keys may be used by an unauthorized entity due to inadequate key management practices or the compromise of a connected system. This could lead to the decryption of sensitive data, impacting its confidentiality and integrity.
Core / Ccc / Threats / v2025.10
Encryption Key is Misused
CCC.Core.TH18
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP01 | Encryption in Transit Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to transmission via a network interface. |
| CCC.Core.CP02 | Encryption at Rest Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to being written to a storage medium. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Core.CN13 | Minimize Lifetime of Encryption and Authentication Certificates | Ensure that encryption and authentication certificates have a limited lifetime to reduce the risk of compromise and ensure the use of up-to-date security practices. |
| CCC.Core.CN11 | Protect Encryption Keys | Ensure that encryption keys are managed securely by enforcing the use of approved algorithms, regular key rotation, and customer-managed encryption keys (CMEKs). |