51 KiB
51 KiB
| 1 | Risk # | Risk Description | CIS v8.1 Safeguards (Sub-Controls) | Weight (0-10) |
|---|---|---|---|---|
| 2 | 1 | Ransomware Attack on Critical Systems | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 3 |
| 3 | 1 | Ransomware Attack on Critical Systems | 3.3 - Manage Assets | 4 |
| 4 | 1 | Ransomware Attack on Critical Systems | 5.1 - Establish and Maintain a Secure Configuration Process | 5 |
| 5 | 1 | Ransomware Attack on Critical Systems | 5.3 - Securely Configure Enterprise Assets and Software | 7 |
| 6 | 1 | Ransomware Attack on Critical Systems | 8.1 - Establish and Maintain a Vulnerability Management Process | 6 |
| 7 | 1 | Ransomware Attack on Critical Systems | 9.2 - Deploy and Maintain Anti-Malware Software | 9 |
| 8 | 1 | Ransomware Attack on Critical Systems | 10.8 - Perform and Test Data Backups | 10 |
| 9 | 1 | Ransomware Attack on Critical Systems | 15.1 - Develop an Incident Response Plan | 8 |
| 10 | 2 | Large-Scale Data Breach Due to External Attack | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 4 |
| 11 | 2 | Large-Scale Data Breach Due to External Attack | 3.4 - Manage Sensitive Assets | 8 |
| 12 | 2 | Large-Scale Data Breach Due to External Attack | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 7 |
| 13 | 2 | Large-Scale Data Breach Due to External Attack | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 14 | 2 | Large-Scale Data Breach Due to External Attack | 6.3 - Implement and Manage Network Segmentation | 8 |
| 15 | 2 | Large-Scale Data Breach Due to External Attack | 7.1 - Establish and Maintain a Data Management Process | 6 |
| 16 | 2 | Large-Scale Data Breach Due to External Attack | 7.2 - Implement and Enforce Data Retention | 5 |
| 17 | 2 | Large-Scale Data Breach Due to External Attack | 7.3 - Implement Data Loss Prevention (DLP) | 9 |
| 18 | 2 | Large-Scale Data Breach Due to External Attack | 12.5 - Enforce Encryption of Data-at-Rest | 8 |
| 19 | 2 | Large-Scale Data Breach Due to External Attack | 12.6 - Enforce Encryption of Data-in-Transit | 7 |
| 20 | 3 | Insider Threat Leading to Data Exfiltration | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 21 | 3 | Insider Threat Leading to Data Exfiltration | 4.3 - Manage Privileged Access | 9 |
| 22 | 3 | Insider Threat Leading to Data Exfiltration | 4.4 - Manage Service Accounts | 6 |
| 23 | 3 | Insider Threat Leading to Data Exfiltration | 4.6 - Manage External Accounts | 5 |
| 24 | 3 | Insider Threat Leading to Data Exfiltration | 7.3 - Implement Data Loss Prevention (DLP) | 8 |
| 25 | 3 | Insider Threat Leading to Data Exfiltration | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 7 |
| 26 | 3 | Insider Threat Leading to Data Exfiltration | 16.1 - Conduct Security Awareness and Skills Training | 6 |
| 27 | 4 | Supply Chain Disruption Impacting Operations | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 2 |
| 28 | 4 | Supply Chain Disruption Impacting Operations | 3.6 - Establish and Maintain an Inventory of Non-Enterprise Assets | 1 |
| 29 | 4 | Supply Chain Disruption Impacting Operations | 4.6 - Manage External Accounts | 6 |
| 30 | 4 | Supply Chain Disruption Impacting Operations | 13.1 - Establish and Maintain a Security Awareness Program | 3 |
| 31 | 4 | Supply Chain Disruption Impacting Operations | 18.1 - Establish and Maintain a Penetration Testing Program | 4 |
| 32 | 4 | Supply Chain Disruption Impacting Operations | 19.1 - Establish and Maintain an Incident Response Plan | 7 |
| 33 | 4 | Supply Chain Disruption Impacting Operations | 20.1 - Establish and Maintain a Business Continuity Plan | 10 |
| 34 | 5 | Reputational Damage from Social Media Incident | 13.1 - Establish and Maintain a Security Awareness Program | 9 |
| 35 | 5 | Reputational Damage from Social Media Incident | 16.1 - Conduct Security Awareness and Skills Training | 8 |
| 36 | 5 | Reputational Damage from Social Media Incident | 16.2 - Train Workforce Members on Social Engineering Attacks | 7 |
| 37 | 5 | Reputational Damage from Social Media Incident | 19.1 - Establish and Maintain an Incident Response Plan | 6 |
| 38 | 5 | Reputational Damage from Social Media Incident | 19.8 - Perform Post-Incident Reviews | 5 |
| 39 | 6 | Compliance Failure Leading to Fines | 1.1 - Establish and Maintain Enterprise Governance | 10 |
| 40 | 6 | Compliance Failure Leading to Fines | 1.2 - Establish and Maintain Enterprise Security Policies | 9 |
| 41 | 6 | Compliance Failure Leading to Fines | 1.3 - Establish and Maintain Enterprise Agreements | 8 |
| 42 | 6 | Compliance Failure Leading to Fines | 2.1 - Establish and Maintain an Inventory of Authorized Software | 4 |
| 43 | 6 | Compliance Failure Leading to Fines | 3.4 - Manage Sensitive Assets | 7 |
| 44 | 7 | Loss of Critical Business Data Due to System Failure | 10.8 - Perform and Test Data Backups | 10 |
| 45 | 7 | Loss of Critical Business Data Due to System Failure | 10.9 - Perform Off-Site Backups | 9 |
| 46 | 7 | Loss of Critical Business Data Due to System Failure | 10.10 - Securely Store Backups | 8 |
| 47 | 7 | Loss of Critical Business Data Due to System Failure | 5.3 - Securely Configure Enterprise Assets and Software | 6 |
| 48 | 7 | Loss of Critical Business Data Due to System Failure | 19.1 - Establish and Maintain an Incident Response Plan | 5 |
| 49 | 8 | Business Email Compromise (BEC) Attack | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 50 | 8 | Business Email Compromise (BEC) Attack | 16.2 - Train Workforce Members on Social Engineering Attacks | 8 |
| 51 | 8 | Business Email Compromise (BEC) Attack | 11.1 - Implement and Manage Email Protections | 7 |
| 52 | 8 | Business Email Compromise (BEC) Attack | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 5 |
| 53 | 9 | Physical Security Breach Leading to Asset Theft | 17.1 - Implement Physical Access Controls | 10 |
| 54 | 9 | Physical Security Breach Leading to Asset Theft | 17.2 - Monitor Physical Environment | 9 |
| 55 | 9 | Physical Security Breach Leading to Asset Theft | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 6 |
| 56 | 9 | Physical Security Breach Leading to Asset Theft | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 4 |
| 57 | 10 | Denial-of-Service (DoS) Attack Disrupting Services | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 6 |
| 58 | 10 | Denial-of-Service (DoS) Attack Disrupting Services | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 59 | 10 | Denial-of-Service (DoS) Attack Disrupting Services | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 10 |
| 60 | 10 | Denial-of-Service (DoS) Attack Disrupting Services | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 8 |
| 61 | 11 | Unpatched Software Vulnerabilities Exploited | 8.2 - Remediate Vulnerabilities Based on Risk | 10 |
| 62 | 11 | Unpatched Software Vulnerabilities Exploited | 8.3 - Verify Application of Security Patches | 9 |
| 63 | 11 | Unpatched Software Vulnerabilities Exploited | 3.2 - Utilize an Automated Asset Discovery Tool | 4 |
| 64 | 12 | Third-Party Vendor Security Breach Impacting Data | 4.6 - Manage External Accounts | 8 |
| 65 | 12 | Third-Party Vendor Security Breach Impacting Data | 13.5 - Manage Supplier Access | 9 |
| 66 | 12 | Third-Party Vendor Security Breach Impacting Data | 13.6 - Monitor Supplier Security | 7 |
| 67 | 13 | Mobile Device Compromise Leading to Data Loss | 3.5 - Manage Enterprise Assets Connected to the Enterprise Network Remotely | 8 |
| 68 | 13 | Mobile Device Compromise Leading to Data Loss | 4.5 - Manage Mobile Devices | 9 |
| 69 | 13 | Mobile Device Compromise Leading to Data Loss | 12.5 - Enforce Encryption of Data-at-Rest | 7 |
| 70 | 14 | Cloud Service Configuration Errors Exposing Data | 5.4 - Securely Configure Cloud Infrastructure | 9 |
| 71 | 14 | Cloud Service Configuration Errors Exposing Data | 5.5 - Securely Configure Cloud Workloads | 8 |
| 72 | 14 | Cloud Service Configuration Errors Exposing Data | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 73 | 15 | Lack of Employee Security Awareness Leading to Phishing Success | 16.1 - Conduct Security Awareness and Skills Training | 10 |
| 74 | 15 | Lack of Employee Security Awareness Leading to Phishing Success | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 75 | 15 | Lack of Employee Security Awareness Leading to Phishing Success | 11.1 - Implement and Manage Email Protections | 7 |
| 76 | 16 | Unsecured APIs Exposing Sensitive Information | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 6 |
| 77 | 16 | Unsecured APIs Exposing Sensitive Information | 12.6 - Enforce Encryption of Data-in-Transit | 9 |
| 78 | 16 | Unsecured APIs Exposing Sensitive Information | 18.1 - Establish and Maintain a Penetration Testing Program | 7 |
| 79 | 17 | Accidental Data Leak by Employee | 7.3 - Implement Data Loss Prevention (DLP) | 8 |
| 80 | 17 | Accidental Data Leak by Employee | 16.1 - Conduct Security Awareness and Skills Training | 7 |
| 81 | 17 | Accidental Data Leak by Employee | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 5 |
| 82 | 18 | Weak Password Policies Leading to Account Compromise | 4.7 - Enforce Account Password Requirements | 9 |
| 83 | 18 | Weak Password Policies Leading to Account Compromise | 4.8 - Enforce Multi-Factor Authentication for All Users | 8 |
| 84 | 18 | Weak Password Policies Leading to Account Compromise | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 7 |
| 85 | 19 | Uncontrolled Use of Shadow IT | 3.6 - Establish and Maintain an Inventory of Non-Enterprise Assets | 8 |
| 86 | 19 | Uncontrolled Use of Shadow IT | 2.1 - Establish and Maintain an Inventory of Authorized Software | 7 |
| 87 | 19 | Uncontrolled Use of Shadow IT | 13.1 - Establish and Maintain a Security Awareness Program | 6 |
| 88 | 20 | Insider Trading Based on Stolen Information | 4.3 - Manage Privileged Access | 9 |
| 89 | 20 | Insider Trading Based on Stolen Information | 7.3 - Implement Data Loss Prevention (DLP) | 7 |
| 90 | 20 | Insider Trading Based on Stolen Information | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 8 |
| 91 | 21 | Loss of Key Personnel with Critical Security Knowledge | 16.4 - Establish and Maintain a Role-Based Security Training Program | 7 |
| 92 | 21 | Loss of Key Personnel with Critical Security Knowledge | 16.5 - Conduct Skills Gap Assessments | 6 |
| 93 | 21 | Loss of Key Personnel with Critical Security Knowledge | 1.3 - Establish and Maintain Enterprise Agreements | 5 |
| 94 | 22 | Natural Disaster Impacting Data Centers | 17.3 - Plan and Implement Environmental Protections | 9 |
| 95 | 22 | Natural Disaster Impacting Data Centers | 20.1 - Establish and Maintain a Business Continuity Plan | 10 |
| 96 | 22 | Natural Disaster Impacting Data Centers | 10.9 - Perform Off-Site Backups | 8 |
| 97 | 23 | Industrial Control System (ICS) Compromise | 5.6 - Securely Configure Industrial Control Systems (ICS) | 10 |
| 98 | 23 | Industrial Control System (ICS) Compromise | 6.6 - Implement and Manage Network Segmentation for ICS | 9 |
| 99 | 23 | Industrial Control System (ICS) Compromise | 9.2 - Deploy and Maintain Anti-Malware Software | 7 |
| 100 | 24 | Misconfiguration of Network Devices | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 9 |
| 101 | 24 | Misconfiguration of Network Devices | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 8 |
| 102 | 24 | Misconfiguration of Network Devices | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 103 | 25 | Lack of Regular Security Audits | 1.5 - Conduct Periodic Security Risk Assessments | 9 |
| 104 | 25 | Lack of Regular Security Audits | 14.7 - Conduct Security Controls Testing and Validation | 8 |
| 105 | 25 | Lack of Regular Security Audits | 18.1 - Establish and Maintain a Penetration Testing Program | 7 |
| 106 | 26 | AI/ML System Bias Leading to Unfair Outcomes | 1.2 - Establish and Maintain Enterprise Security Policies | 6 |
| 107 | 26 | AI/ML System Bias Leading to Unfair Outcomes | 7.1 - Establish and Maintain a Data Management Process | 7 |
| 108 | 26 | AI/ML System Bias Leading to Unfair Outcomes | 15.4 - Establish and Maintain a Security Architecture | 5 |
| 109 | 27 | IoT Device Vulnerabilities Exploited | 3.5 - Manage Enterprise Assets Connected to the Enterprise Network Remotely | 8 |
| 110 | 27 | IoT Device Vulnerabilities Exploited | 5.3 - Securely Configure Enterprise Assets and Software | 7 |
| 111 | 27 | IoT Device Vulnerabilities Exploited | 9.2 - Deploy and Maintain Anti-Malware Software | 6 |
| 112 | 28 | Geopolitical Risks Impacting Cybersecurity | 1.4 - Establish and Maintain a Threat Intelligence Program | 9 |
| 113 | 28 | Geopolitical Risks Impacting Cybersecurity | 19.1 - Establish and Maintain an Incident Response Plan | 7 |
| 114 | 28 | Geopolitical Risks Impacting Cybersecurity | 13.1 - Establish and Maintain a Security Awareness Program | 6 |
| 115 | 29 | Unsecured Code in Custom Applications | 2.2 - Utilize Standard Security Configurations for Enterprise Software and Hardware | 7 |
| 116 | 29 | Unsecured Code in Custom Applications | 8.4 - Perform Application Security Testing | 9 |
| 117 | 29 | Unsecured Code in Custom Applications | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 8 |
| 118 | 30 | Failure to Adequately Vet New Technologies | 15.4 - Establish and Maintain a Security Architecture | 7 |
| 119 | 30 | Failure to Adequately Vet New Technologies | 1.5 - Conduct Periodic Security Risk Assessments | 8 |
| 120 | 30 | Failure to Adequately Vet New Technologies | 13.1 - Establish and Maintain a Security Awareness Program | 6 |
| 121 | 31 | Social Engineering Attack Targeting Executives | 16.2 - Train Workforce Members on Social Engineering Attacks | 10 |
| 122 | 31 | Social Engineering Attack Targeting Executives | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 8 |
| 123 | 31 | Social Engineering Attack Targeting Executives | 11.1 - Implement and Manage Email Protections | 7 |
| 124 | 32 | Vulnerability in Open-Source Software Components | 2.1 - Establish and Maintain an Inventory of Authorized Software | 6 |
| 125 | 32 | Vulnerability in Open-Source Software Components | 8.1 - Establish and Maintain a Vulnerability Management Process | 9 |
| 126 | 32 | Vulnerability in Open-Source Software Components | 8.2 - Remediate Vulnerabilities Based on Risk | 8 |
| 127 | 33 | Cryptojacking on Enterprise Assets | 9.2 - Deploy and Maintain Anti-Malware Software | 9 |
| 128 | 33 | Cryptojacking on Enterprise Assets | 5.3 - Securely Configure Enterprise Assets and Software | 7 |
| 129 | 33 | Cryptojacking on Enterprise Assets | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 130 | 34 | Data Spillage in Cloud Environments | 7.3 - Implement Data Loss Prevention (DLP) | 8 |
| 131 | 34 | Data Spillage in Cloud Environments | 5.4 - Securely Configure Cloud Infrastructure | 7 |
| 132 | 34 | Data Spillage in Cloud Environments | 12.5 - Enforce Encryption of Data-at-Rest | 6 |
| 133 | 35 | Malicious Browser Extensions Compromising Users | 9.1 - Establish and Maintain a Software Allow List | 8 |
| 134 | 35 | Malicious Browser Extensions Compromising Users | 16.1 - Conduct Security Awareness and Skills Training | 7 |
| 135 | 35 | Malicious Browser Extensions Compromising Users | 11.2 - Implement and Manage Web Browser Protections | 9 |
| 136 | 36 | Domain Name System (DNS) Attacks | 6.7 - Implement and Manage Domain Name System (DNS) Security | 9 |
| 137 | 36 | Domain Name System (DNS) Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 138 | 36 | Domain Name System (DNS) Attacks | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 6 |
| 139 | 37 | Quantum Computing Breaking Encryption | 12.7 - Plan and Implement Cryptographic Key Management | 7 |
| 140 | 37 | Quantum Computing Breaking Encryption | 15.4 - Establish and Maintain a Security Architecture | 6 |
| 141 | 37 | Quantum Computing Breaking Encryption | 1.4 - Establish and Maintain a Threat Intelligence Program | 5 |
| 142 | 38 | Deepfake Technology Used for Fraud | 16.2 - Train Workforce Members on Social Engineering Attacks | 8 |
| 143 | 38 | Deepfake Technology Used for Fraud | 11.1 - Implement and Manage Email Protections | 7 |
| 144 | 38 | Deepfake Technology Used for Fraud | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 6 |
| 145 | 39 | Misinformation Campaigns Damaging Reputation | 13.1 - Establish and Maintain a Security Awareness Program | 9 |
| 146 | 39 | Misinformation Campaigns Damaging Reputation | 19.1 - Establish and Maintain an Incident Response Plan | 7 |
| 147 | 39 | Misinformation Campaigns Damaging Reputation | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 148 | 40 | Lack of a Formal Security Culture | 13.1 - Establish and Maintain a Security Awareness Program | 10 |
| 149 | 40 | Lack of a Formal Security Culture | 16.1 - Conduct Security Awareness and Skills Training | 9 |
| 150 | 40 | Lack of a Formal Security Culture | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 151 | 41 | Insufficient Physical Security at Remote Offices | 17.1 - Implement Physical Access Controls | 9 |
| 152 | 41 | Insufficient Physical Security at Remote Offices | 17.2 - Monitor Physical Environment | 8 |
| 153 | 41 | Insufficient Physical Security at Remote Offices | 3.5 - Manage Enterprise Assets Connected to the Enterprise Network Remotely | 6 |
| 154 | 42 | Compromise of Building Management Systems (BMS) | 5.6 - Securely Configure Industrial Control Systems (ICS) | 8 |
| 155 | 42 | Compromise of Building Management Systems (BMS) | 6.6 - Implement and Manage Network Segmentation for ICS | 7 |
| 156 | 42 | Compromise of Building Management Systems (BMS) | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 157 | 43 | Failure to Securely Dispose of Sensitive Data | 7.4 - Securely Dispose of Assets | 9 |
| 158 | 43 | Failure to Securely Dispose of Sensitive Data | 3.3 - Manage Assets | 7 |
| 159 | 43 | Failure to Securely Dispose of Sensitive Data | 1.2 - Establish and Maintain Enterprise Security Policies | 6 |
| 160 | 44 | Man-in-the-Middle (MitM) Attacks | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 7 |
| 161 | 44 | Man-in-the-Middle (MitM) Attacks | 12.6 - Enforce Encryption of Data-in-Transit | 9 |
| 162 | 44 | Man-in-the-Middle (MitM) Attacks | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 8 |
| 163 | 45 | Session Hijacking | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 164 | 45 | Session Hijacking | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 165 | 45 | Session Hijacking | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 166 | 46 | Cross-Site Scripting (XSS) Attacks | 8.4 - Perform Application Security Testing | 9 |
| 167 | 46 | Cross-Site Scripting (XSS) Attacks | 12.2 - Secure Software via Secure Coding Practices | 8 |
| 168 | 46 | Cross-Site Scripting (XSS) Attacks | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 6 |
| 169 | 47 | SQL Injection Attacks | 8.4 - Perform Application Security Testing | 10 |
| 170 | 47 | SQL Injection Attacks | 12.2 - Secure Software via Secure Coding Practices | 9 |
| 171 | 47 | SQL Injection Attacks | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 7 |
| 172 | 48 | Zero-Day Exploits | 8.1 - Establish and Maintain a Vulnerability Management Process | 7 |
| 173 | 48 | Zero-Day Exploits | 9.2 - Deploy and Maintain Anti-Malware Software | 8 |
| 174 | 48 | Zero-Day Exploits | 6.3 - Implement and Manage Network Segmentation | 6 |
| 175 | 49 | Rogue Access Points on the Network | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 8 |
| 176 | 49 | Rogue Access Points on the Network | 6.3 - Implement and Manage Network Segmentation | 7 |
| 177 | 49 | Rogue Access Points on the Network | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 178 | 50 | Wireless Network Attacks | 6.8 - Secure Wireless Access Points | 9 |
| 179 | 50 | Wireless Network Attacks | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 7 |
| 180 | 50 | Wireless Network Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 181 | 51 | Stolen Credentials | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 9 |
| 182 | 51 | Stolen Credentials | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 10 |
| 183 | 51 | Stolen Credentials | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 184 | 52 | Unsecured Public Wi-Fi Usage | 16.1 - Conduct Security Awareness and Skills Training | 7 |
| 185 | 52 | Unsecured Public Wi-Fi Usage | 12.6 - Enforce Encryption of Data-in-Transit | 8 |
| 186 | 52 | Unsecured Public Wi-Fi Usage | 4.9 - Manage Access to Enterprise Applications | 6 |
| 187 | 53 | Vishing Attacks | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 188 | 53 | Vishing Attacks | 13.1 - Establish and Maintain a Security Awareness Program | 8 |
| 189 | 53 | Vishing Attacks | 11.1 - Implement and Manage Email Protections | 5 |
| 190 | 54 | Smishing Attacks | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 191 | 54 | Smishing Attacks | 13.1 - Establish and Maintain a Security Awareness Program | 8 |
| 192 | 54 | Smishing Attacks | 11.3 - Implement and Manage Endpoint Protections | 6 |
| 193 | 55 | Watering Hole Attacks | 11.2 - Implement and Manage Web Browser Protections | 8 |
| 194 | 55 | Watering Hole Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 195 | 55 | Watering Hole Attacks | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 196 | 56 | Typosquatting Attacks | 11.1 - Implement and Manage Email Protections | 7 |
| 197 | 56 | Typosquatting Attacks | 13.1 - Establish and Maintain a Security Awareness Program | 8 |
| 198 | 56 | Typosquatting Attacks | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 199 | 57 | Malvertising | 11.2 - Implement and Manage Web Browser Protections | 9 |
| 200 | 57 | Malvertising | 9.2 - Deploy and Maintain Anti-Malware Software | 7 |
| 201 | 57 | Malvertising | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 202 | 58 | Fileless Malware Attacks | 9.2 - Deploy and Maintain Anti-Malware Software | 8 |
| 203 | 58 | Fileless Malware Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 204 | 58 | Fileless Malware Attacks | 11.3 - Implement and Manage Endpoint Protections | 6 |
| 205 | 59 | Advanced Persistent Threats (APTs) | 1.4 - Establish and Maintain a Threat Intelligence Program | 9 |
| 206 | 59 | Advanced Persistent Threats (APTs) | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 8 |
| 207 | 59 | Advanced Persistent Threats (APTs) | 18.1 - Establish and Maintain a Penetration Testing Program | 7 |
| 208 | 60 | Remote Code Execution (RCE) Vulnerabilities | 8.2 - Remediate Vulnerabilities Based on Risk | 10 |
| 209 | 60 | Remote Code Execution (RCE) Vulnerabilities | 8.3 - Verify Application of Security Patches | 9 |
| 210 | 60 | Remote Code Execution (Rulnerabilities | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 211 | 61 | Formjacking Attacks | 12.2 - Secure Software via Secure Coding Practices | 8 |
| 212 | 61 | Formjacking Attacks | 11.2 - Implement and Manage Web Browser Protections | 7 |
| 213 | 61 | Formjacking Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 214 | 62 | SIM Swapping Attacks | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 215 | 62 | SIM Swapping Attacks | 16.1 - Conduct Security Awareness and Skills Training | 7 |
| 216 | 62 | SIM Swapping Attacks | 1.3 - Establish and Maintain Enterprise Agreements | 6 |
| 217 | 63 | Unsecured Database Configurations | 5.3 - Securely Configure Enterprise Assets and Software | 9 |
| 218 | 63 | Unsecured Database Configurations | 7.1 - Establish and Maintain a Data Management Process | 8 |
| 219 | 63 | Unsecured Database Configurations | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 220 | 64 | API Sprawl and Lack of API Governance | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 8 |
| 221 | 64 | API Sprawl and Lack of API Governance | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 7 |
| 222 | 64 | API Sprawl and Lack of API Governance | 15.4 - Establish and Maintain a Security Architecture | 6 |
| 223 | 65 | Insecure Default Configurations | 5.1 - Establish and Maintain a Secure Configuration Process | 9 |
| 224 | 65 | Insecure Default Configurations | 5.3 - Securely Configure Enterprise Assets and Software | 8 |
| 225 | 65 | Insecure Default Configurations | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 7 |
| 226 | 66 | Insufficient Data Encryption | 12.5 - Enforce Encryption of Data-at-Rest | 10 |
| 227 | 66 | Insufficient Data Encryption | 7.2 - Implement and Enforce Data Retention | 6 |
| 228 | 67 | Legacy Systems with Known Vulnerabilities | 3.3 - Manage Assets | 7 |
| 229 | 67 | Legacy Systems with Known Vulnerabilities | 8.2 - Remediate Vulnerabilities Based on Risk | 9 |
| 230 | 67 | Legacy Systems with Known Vulnerabilities | 6.3 - Implement and Manage Network Segmentation | 8 |
| 231 | 68 | Poorly Implemented Patch Management | 8.2 - Remediate Vulnerabilities Based on Risk | 10 |
| 232 | 68 | Poorly Implemented Patch Management | 8.3 - Verify Application of Security Patches | 9 |
| 233 | 68 | Poorly Implemented Patch Management | 3.2 - Utilize an Automated Asset Discovery Tool | 6 |
| 234 | 69 | Unsecured Configuration Management Practices | 5.1 - Establish and Maintain a Secure Configuration Process | 9 |
| 235 | 69 | Unsecured Configuration Management Practices | 5.3 - Securely Configure Enterprise Assets and Software | 8 |
| 236 | 69 | Unsecured Configuration Management Practices | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 7 |
| 237 | 70 | Lack of Network Segmentation | 6.3 - Implement and Manage Network Segmentation | 10 |
| 238 | 70 | Lack of Network Segmentation | 6.1 - Establish and Maintain a Baseline Configuration of Network Devices | 7 |
| 239 | 70 | Lack of Network Segmentation | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 240 | 71 | Compromised Software Update Mechanisms | 8.3 - Verify Application of Security Patches | 8 |
| 241 | 71 | Compromised Software Update Mechanisms | 9.2 - Deploy and Maintain Anti-Malware Software | 7 |
| 242 | 71 | Compromised Software Update Mechanisms | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 243 | 72 | Weaknesses in Cloud Identity and Access Management | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 9 |
| 244 | 72 | Weaknesses in Cloud Identity and Access Management | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 8 |
| 245 | 72 | Weaknesses in Cloud Identity and Access Management | 5.4 - Securely Configure Cloud Infrastructure | 7 |
| 246 | 73 | Insufficient Security Logging and Monitoring | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 10 |
| 247 | 73 | Insufficient Security Logging and Monitoring | 14.2 - Integrate Threat Intelligence into Security Monitoring | 8 |
| 248 | 73 | Insufficient Security Logging and Monitoring | 14.3 - Establish and Maintain Alerting and Escalation Processes | 7 |
| 249 | 74 | Lack of an Effective Incident Response Plan | 19.1 - Establish and Maintain an Incident Response Plan | 10 |
| 250 | 74 | Lack of an Effective Incident Response Plan | 19.2 - Establish and Maintain an Incident Response Team | 9 |
| 251 | 74 | Lack of an Effective Incident Response Plan | 19.3 - Develop and Conduct Incident Response Exercises | 8 |
| 252 | 75 | Poor Data Backup and Recovery Procedures | 10.8 - Perform and Test Data Backups | 10 |
| 253 | 75 | Poor Data Backup and Recovery Procedures | 10.9 - Perform Off-Site Backups | 9 |
| 254 | 75 | Poor Data Backup and Recovery Procedures | 10.10 - Securely Store Backups | 8 |
| 255 | 76 | Insufficient Security Awareness Training for Employees | 16.1 - Conduct Security Awareness and Skills Training | 10 |
| 256 | 76 | Insufficient Security Awareness Training for Employees | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 257 | 76 | Insufficient Security Awareness Training for Employees | 13.1 - Establish and Maintain a Security Awareness Program | 8 |
| 258 | 77 | Lack of a Formal Risk Management Program | 1.5 - Conduct Periodic Security Risk Assessments | 10 |
| 259 | 77 | Lack of a Formal Risk Management Program | 1.1 - Establish and Maintain Enterprise Governance | 9 |
| 260 | 77 | Lack of a Formal Risk Management Program | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 261 | 78 | Inadequate Third-Party Risk Management | 13.5 - Manage Supplier Access | 9 |
| 262 | 78 | Inadequate Third-Party Risk Management | 13.6 - Monitor Supplier Security | 8 |
| 263 | 78 | Inadequate Third-Party Risk Management | 4.6 - Manage External Accounts | 7 |
| 264 | 79 | Failure to Enforce Least Privilege | 4.3 - Manage Privileged Access | 10 |
| 265 | 79 | Failure to Enforce Least Privilege | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 266 | 79 | Failure to Enforce Least Privilege | 4.4 - Manage Service Accounts | 7 |
| 267 | 80 | Unsecured Remote Access Solutions | 4.9 - Manage Access to Enterprise Applications | 9 |
| 268 | 80 | Unsecured Remote Access Solutions | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 8 |
| 269 | 80 | Unsecured Remote Access Solutions | 12.6 - Enforce Encryption of Data-in-Transit | 7 |
| 270 | 81 | Insufficient Protection of Critical Infrastructure | 17.1 - Implement Physical Access Controls | 8 |
| 271 | 81 | Insufficient Protection of Critical Infrastructure | 6.3 - Implement and Manage Network Segmentation | 7 |
| 272 | 81 | Insufficient Protection of Critical Infrastructure | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 273 | 82 | Lack of Data Loss Prevention (DLP) Measures | 7.3 - Implement Data Loss Prevention (DLP) | 10 |
| 274 | 82 | Lack of Data Loss Prevention (DLP) Measures | 3.4 - Manage Sensitive Assets | 8 |
| 275 | 82 | Lack of Data Loss Prevention (DLP) Measures | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 7 |
| 276 | 83 | Ineffective Vulnerability Scanning Practices | 8.1 - Establish and Maintain a Vulnerability Management Process | 9 |
| 277 | 83 | Ineffective Vulnerability Scanning Practices | 8.2 - Remediate Vulnerabilities Based on Risk | 8 |
| 278 | 83 | Ineffective Vulnerability Scanning Practices | 3.2 - Utilize an Automated Asset Discovery Tool | 7 |
| 279 | 84 | Poorly Defined Security Roles and Responsibilities | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 280 | 84 | Poorly Defined Security Roles and Responsibilities | 1.3 - Establish and Maintain Enterprise Agreements | 7 |
| 281 | 84 | Poorly Defined Security Roles and Responsibilities | 16.4 - Establish and Maintain a Role-Based Security Training Program | 6 |
| 282 | 85 | Lack of a Formal Change Management Process | 5.2 - Implement and Manage a Change Management Process | 9 |
| 283 | 85 | Lack of a Formal Change Management Process | 5.3 - Securely Configure Enterprise Assets and Software | 7 |
| 284 | 85 | Lack of a Formal Change Management Process | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 285 | 86 | Insufficient Security Architecture and Design | 15.4 - Establish and Maintain a Security Architecture | 10 |
| 286 | 86 | Insufficient Security Architecture and Design | 6.3 - Implement and Manage Network Segmentation | 8 |
| 287 | 86 | Insufficient Security Architecture and Design | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 7 |
| 288 | 87 | Failure to Secure Containerized Environments | 5.7 - Securely Configure Containers | 9 |
| 289 | 87 | Failure to Secure Containerized Environments | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 7 |
| 290 | 87 | Failure to Secure Containerized Environments | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 291 | 88 | Inadequate Protection of API Keys and Secrets | 12.3 - Manage Credentials | 9 |
| 292 | 88 | Inadequate Protection of API Keys and Secrets | 12.5 - Enforce Encryption of Data-at-Rest | 7 |
| 293 | 88 | Inadequate Protection of API Keys and Secrets | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 294 | 89 | Lack of a Formal Security Assessment Process for New Projects | 1.5 - Conduct Periodic Security Risk Assessments | 8 |
| 295 | 89 | Lack of a Formal Security Assessment Process for New Projects | 15.4 - Establish and Maintain a Security Architecture | 7 |
| 296 | 89 | Lack of a Formal Security Assessment Process for New Projects | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 6 |
| 297 | 90 | Insufficient Budget Allocation for Cybersecurity | 1.1 - Establish and Maintain Enterprise Governance | 9 |
| 298 | 90 | Insufficient Budget Allocation for Cybersecurity | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 299 | 90 | Insufficient Budget Allocation for Cybersecurity | 1.5 - Conduct Periodic Security Risk Assessments | 7 |
| 300 | 91 | Lack of Executive Support for Security Initiatives | 1.1 - Establish and Maintain Enterprise Governance | 10 |
| 301 | 91 | Lack of Executive Support for Security Initiatives | 1.2 - Establish and Maintain Enterprise Security Policies | 9 |
| 302 | 91 | Lack of Executive Support for Security Initiatives | 13.1 - Establish and Maintain a Security Awareness Program | 7 |
| 303 | 92 | Mergers and Acquisitions Leading to Security Integration Challenges | 1.3 - Establish and Maintain Enterprise Agreements | 8 |
| 304 | 92 | Mergers and Acquisitions Leading to Security Integration Challenges | 15.4 - Establish and Maintain a Security Architecture | 7 |
| 305 | 92 | Mergers and Acquisitions Leading to Security Integration Challenges | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 6 |
| 306 | 93 | Decentralized Security Management Leading to Inconsistencies | 1.1 - Establish and Maintain Enterprise Governance | 8 |
| 307 | 93 | Decentralized Security Management Leading to Inconsistencies | 1.2 - Establish and Maintain Enterprise Security Policies | 7 |
| 308 | 93 | Decentralized Security Management Leading to Inconsistencies | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 6 |
| 309 | 94 | Rapid Cloud Adoption Without Adequate Security Controls | 5.4 - Securely Configure Cloud Infrastructure | 9 |
| 310 | 94 | Rapid Cloud Adoption Without Adequate Security Controls | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 311 | 94 | Rapid Cloud Adoption Without Adequate Security Controls | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 312 | 95 | Increased Use of Personal Devices for Work (BYOD) | 3.5 - Manage Enterprise Assets Connected to the Enterprise Network Remotely | 8 |
| 313 | 95 | Increased Use of Personal Devices for Work (BYOD) | 4.5 - Manage Mobile Devices | 7 |
| 314 | 95 | Increased Use of Personal Devices for Work (BYOD) | 12.5 - Enforce Encryption of Data-at-Rest | 6 |
| 315 | 96 | Growing Attack Surface Due to Digital Transformation | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 7 |
| 316 | 96 | Growing Attack Surface Due to Digital Transformation | 15.4 - Establish and Maintain a Security Architecture | 8 |
| 317 | 96 | Growing Attack Surface Due to Digital Transformation | 8.1 - Establish and Maintain a Vulnerability Management Process | 6 |
| 318 | 97 | Talent Shortage in Cybersecurity | 16.3 - Establish and Maintain a Security Skills Development Program | 9 |
| 319 | 97 | Talent Shortage in Cybersecurity | 16.5 - Conduct Skills Gap Assessments | 8 |
| 320 | 97 | Talent Shortage in Cybersecurity | 1.3 - Establish and Maintain Enterprise Agreements | 5 |
| 321 | 98 | Increased Regulatory Scrutiny and Complexity | 1.1 - Establish and Maintain Enterprise Governance | 9 |
| 322 | 98 | Increased Regulatory Scrutiny and Complexity | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 323 | 98 | Increased Regulatory Scrutiny and Complexity | 3.4 - Manage Sensitive Assets | 7 |
| 324 | 99 | Evolving Threat Landscape | 1.4 - Establish and Maintain a Threat Intelligence Program | 10 |
| 325 | 99 | Evolving Threat Landscape | 18.1 - Establish and Maintain a Penetration Testing Program | 8 |
| 326 | 99 | Evolving Threat Landscape | 13.1 - Establish and Maintain a Security Awareness Program | 7 |
| 327 | 100 | Failure to Adapt Security Strategy to Business Changes | 1.2 - Establish and Maintain Enterprise Security Policies | 8 |
| 328 | 100 | Failure to Adapt Security Strategy to Business Changes | 1.5 - Conduct Periodic Security Risk Assessments | 9 |
| 329 | 100 | Failure to Adapt Security Strategy to Business Changes | 15.4 - Establish and Maintain a Security Architecture | 7 |
| 330 | 101 | Advanced Persistent Threats (APTs) Evading Existing Defenses | 14.2 - Integrate Threat Intelligence into Security Monitoring | 9 |
| 331 | 101 | Advanced Persistent Threats (APTs) Evading Existing Defenses | 18.1 - Establish and Maintain a Penetration Testing Program | 8 |
| 332 | 101 | Advanced Persistent Threats (APTs) Evading Existing Defenses | 9.3 - Implement and Manage Endpoint Detection and Response (EDR) | 8 |
| 333 | 102 | Zero-Day Exploits Targeting Unpatched Applications | 8.2 - Remediate Vulnerabilities Based on Risk | 9 |
| 334 | 102 | Zero-Day Exploits Targeting Unpatched Applications | 6.3 - Implement and Manage Network Segmentation | 7 |
| 335 | 102 | Zero-Day Exploits Targeting Unpatched Applications | 9.3 - Implement and Manage Endpoint Detection and Response (EDR) | 7 |
| 336 | 103 | Sophisticated Phishing Campaigns Bypassing Email Security | 11.1 - Implement and Manage Email Protections | 8 |
| 337 | 103 | Sophisticated Phishing Campaigns Bypassing Email Security | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 338 | 103 | Sophisticated Phishing Campaigns Bypassing Email Security | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 7 |
| 339 | 104 | Malware Delivered Through Supply Chain Compromise | 13.3 - Implement and Manage Secure Software Supply Chain Practices | 9 |
| 340 | 104 | Malware Delivered Through Supply Chain Compromise | 9.2 - Deploy and Maintain Anti-Malware Software | 7 |
| 341 | 104 | Malware Delivered Through Supply Chain Compromise | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 342 | 105 | Ransomware Targeting Backup Infrastructure | 10.8 - Perform and Test Data Backups | 8 |
| 343 | 105 | Ransomware Targeting Backup Infrastructure | 10.10 - Securely Store Backups | 9 |
| 344 | 105 | Ransomware Targeting Backup Infrastructure | 6.3 - Implement and Manage Network Segmentation | 7 |
| 345 | 106 | Data Exfiltration Through DNS Tunneling | 6.7 - Implement and Manage Domain Name System (DNS) Security | 9 |
| 346 | 106 | Data Exfiltration Through DNS Tunneling | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 8 |
| 347 | 106 | Data Exfiltration Through DNS Tunneling | 7.3 - Implement Data Loss Prevention (DLP) | 7 |
| 348 | 107 | Compromise of Cloud Service Provider Credentials | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 349 | 107 | Compromise of Cloud Service Provider Credentials | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 350 | 107 | Compromise of Cloud Service Provider Credentials | 5.4 - Securely Configure Cloud Infrastructure | 7 |
| 351 | 108 | Lateral Movement within the Network Post-Breach | 6.3 - Implement and Manage Network Segmentation | 10 |
| 352 | 108 | Lateral Movement within the Network Post-Breach | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 8 |
| 353 | 108 | Lateral Movement within the Network Post-Breach | 9.3 - Implement and Manage Endpoint Detection and Response (EDR) | 7 |
| 354 | 109 | Exploitation of Unsecured APIs | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 7 |
| 355 | 109 | Exploitation of Unsecured APIs | 12.4 - Implement and Manage Security for Software Applications | 9 |
| 356 | 109 | Exploitation of Unsecured APIs | 18.1 - Establish and Maintain a Penetration Testing Program | 8 |
| 357 | 110 | Credential Stuffing Attacks Against Web Applications | 4.7 - Enforce Account Password Requirements | 7 |
| 358 | 110 | Credential Stuffing Attacks Against Web Applications | 4.8 - Enforce Multi-Factor Authentication for All Users | 9 |
| 359 | 110 | Credential Stuffing Attacks Against Web Applications | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 360 | 111 | Brute-Force Attacks Targeting Cloud Services | 4.7 - Enforce Account Password Requirements | 8 |
| 361 | 111 | Brute-Force Attacks Targeting Cloud Services | 4.8 - Enforce Multi-Factor Authentication for All Users | 9 |
| 362 | 111 | Brute-Force Attacks Targeting Cloud Services | 5.4 - Securely Configure Cloud Infrastructure | 7 |
| 363 | 112 | Cryptojacking Exploiting Web Browser Vulnerabilities | 11.2 - Implement and Manage Web Browser Protections | 9 |
| 364 | 112 | Cryptojacking Exploiting Web Browser Vulnerabilities | 9.2 - Deploy and Maintain Anti-Malware Software | 7 |
| 365 | 112 | Cryptojacking Exploiting Web Browser Vulnerabilities | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 366 | 113 | Business Logic Flaws in Applications Leading to Data Breach | 12.4 - Implement and Manage Security for Software Applications | 9 |
| 367 | 113 | Business Logic Flaws in Applications Leading to Data Breach | 8.4 - Perform Application Security Testing | 8 |
| 368 | 113 | Business Logic Flaws in Applications Leading to Data Breach | 7.1 - Establish and Maintain a Data Management Process | 7 |
| 369 | 114 | Malicious Insiders Exfiltrating Data Using Approved Tools | 4.3 - Manage Privileged Access | 8 |
| 370 | 114 | Malicious Insiders Exfiltrating Data Using Approved Tools | 7.3 - Implement Data Loss Prevention (DLP) | 9 |
| 371 | 114 | Malicious Insiders Exfiltrating Data Using Approved Tools | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 7 |
| 372 | 115 | Rogue or Shadow IT Devices on the Network | 3.6 - Establish and Maintain an Inventory of Non-Enterprise Assets | 9 |
| 373 | 115 | Rogue or Shadow IT Devices on the Network | 6.3 - Implement and Manage Network Segmentation | 7 |
| 374 | 115 | Rogue or Shadow IT Devices on the Network | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 375 | 116 | Compromise of CI/CD Pipelines Leading to Malicious Code Injection | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 9 |
| 376 | 116 | Compromise of CI/CD Pipelines Leading to Malicious Code Injection | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 377 | 116 | Compromise of CI/CD Pipelines Leading to Malicious Code Injection | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 378 | 117 | Insecurely Configured Cloud Storage Buckets | 5.4 - Securely Configure Cloud Infrastructure | 10 |
| 379 | 117 | Insecurely Configured Cloud Storage Buckets | 7.1 - Establish and Maintain a Data Management Process | 8 |
| 380 | 117 | Insecurely Configured Cloud Storage Buckets | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 381 | 118 | Exploitation of Memory Corruption Vulnerabilities | 8.2 - Remediate Vulnerabilities Based on Risk | 9 |
| 382 | 118 | Exploitation of Memory Corruption Vulnerabilities | 9.3 - Implement and Manage Endpoint Detection and Response (EDR) | 8 |
| 383 | 118 | Exploitation of Memory Corruption Vulnerabilities | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 384 | 119 | Data Breaches Due to Misconfigured Security Groups | 5.4 - Securely Configure Cloud Infrastructure | 9 |
| 385 | 119 | Data Breaches Due to Misconfigured Security Groups | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 386 | 119 | Data Breaches Due to Misconfigured Security Groups | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 387 | 120 | Use of Default or Weak Encryption Keys | 12.7 - Plan and Implement Cryptographic Key Management | 9 |
| 388 | 120 | Use of Default or Weak Encryption Keys | 12.5 - Enforce Encryption of Data-at-Rest | 8 |
| 389 | 120 | Use of Default or Weak Encryption Keys | 12.6 - Enforce Encryption of Data-in-Transit | 7 |
| 390 | 121 | Vulnerabilities in Third-Party Libraries and Dependencies | 8.1 - Establish and Maintain a Vulnerability Management Process | 8 |
| 391 | 121 | Vulnerabilities in Third-Party Libraries and Dependencies | 12.1 - Establish and Maintain a Software Development Life Cycle (SDLC) | 9 |
| 392 | 121 | Vulnerabilities in Third-Party Libraries and Dependencies | 2.1 - Establish and Maintain an Inventory of Authorized Software | 7 |
| 393 | 122 | Targeted Attacks on Operational Technology (OT) Systems | 5.6 - Securely Configure Industrial Control Systems (ICS) | 9 |
| 394 | 122 | Targeted Attacks on Operational Technology (OT) Systems | 6.6 - Implement and Manage Network Segmentation for ICS | 10 |
| 395 | 122 | Targeted Attacks on Operational Technology (OT) Systems | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 8 |
| 396 | 123 | Data Aggregation from Multiple Sources Leading to Privacy Violations | 7.1 - Establish and Maintain a Data Management Process | 8 |
| 397 | 123 | Data Aggregation from Multiple Sources Leading to Privacy Violations | 3.4 - Manage Sensitive Assets | 9 |
| 398 | 123 | Data Aggregation from Multiple Sources Leading to Privacy Violations | 1.2 - Establish and Maintain Enterprise Security Policies | 7 |
| 399 | 124 | AI Poisoning Attacks Manipulating Machine Learning Models | 15.4 - Establish and Maintain a Security Architecture | 8 |
| 400 | 124 | AI Poisoning Attacks Manipulating Machine Learning Models | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 401 | 124 | AI Poisoning Attacks Manipulating Machine Learning Models | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 402 | 125 | Quantum Computing Attacks Breaking Current Encryption | 12.7 - Plan and Implement Cryptographic Key Management | 9 |
| 403 | 125 | Quantum Computing Attacks Breaking Current Encryption | 15.4 - Establish and Maintain a Security Architecture | 7 |
| 404 | 125 | Quantum Computing Attacks Breaking Current Encryption | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 405 | 126 | Deepfake Technology Used for Social Engineering | 16.2 - Train Workforce Members on Social Engineering Attacks | 9 |
| 406 | 126 | Deepfake Technology Used for Social Engineering | 11.1 - Implement and Manage Email Protections | 7 |
| 407 | 126 | Deepfake Technology Used for Social Engineering | 13.1 - Establish and Maintain a Security Awareness Program | 6 |
| 408 | 127 | Blockchain Vulnerabilities Leading to Financial Loss | 12.4 - Implement and Manage Security for Software Applications | 8 |
| 409 | 127 | Blockchain Vulnerabilities Leading to Financial Loss | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 7 |
| 410 | 127 | Blockchain Vulnerabilities Leading to Financial Loss | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 411 | 128 | Serverless Function Vulnerabilities | 5.4 - Securely Configure Cloud Infrastructure | 8 |
| 412 | 128 | Serverless Function Vulnerabilities | 12.4 - Implement and Manage Security for Software Applications | 7 |
| 413 | 128 | Serverless Function Vulnerabilities | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 414 | 129 | Insider Threats Leveraging Data in Motion | 7.3 - Implement Data Loss Prevention (DLP) | 8 |
| 415 | 129 | Insider Threats Leveraging Data in Motion | 12.6 - Enforce Encryption of Data-in-Transit | 7 |
| 416 | 129 | Insider Threats Leveraging Data in Motion | 14.5 - Establish and Maintain an Audit Log Review and Analysis Process | 6 |
| 417 | 130 | Compromise of Hardware Supply Chain (Hardware Implants) | 13.4 - Implement and Manage Secure Hardware Supply Chain Practices | 9 |
| 418 | 130 | Compromise of Hardware Supply Chain (Hardware Implants) | 3.1 - Establish and Maintain Inventory of Enterprise Assets | 7 |
| 419 | 130 | Compromise of Hardware Supply Chain (Hardware Implants) | 18.1 - Establish and Maintain a Penetration Testing Program | 6 |
| 420 | 131 | Formjacking Attacks Stealing Payment Card Data | 12.4 - Implement and Manage Security for Software Applications | 9 |
| 421 | 131 | Formjacking Attacks Stealing Payment Card Data | 11.2 - Implement and Manage Web Browser Protections | 7 |
| 422 | 131 | Formjacking Attacks Stealing Payment Card Data | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 423 | 132 | SIM Swapping Leading to Account Takeover | 4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts | 9 |
| 424 | 132 | SIM Swapping Leading to Account Takeover | 16.1 - Conduct Security Awareness and Skills Training | 7 |
| 425 | 132 | SIM Swapping Leading to Account Takeover | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 6 |
| 426 | 133 | Attacks Targeting APIs of Third-Party Services | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 7 |
| 427 | 133 | Attacks Targeting APIs of Third-Party Services | 12.4 - Implement and Manage Security for Software Applications | 8 |
| 428 | 133 | Attacks Targeting APIs of Third-Party Services | 13.6 - Monitor Supplier Security | 7 |
| 429 | 134 | Insufficient Segmentation of Cloud Workloads | 5.4 - Securely Configure Cloud Infrastructure | 9 |
| 430 | 134 | Insufficient Segmentation of Cloud Workloads | 6.3 - Implement and Manage Network Segmentation | 8 |
| 431 | 134 | Insufficient Segmentation of Cloud Workloads | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 7 |
| 432 | 135 | Compromise of Managed Service Provider (MSP) Infrastructure | 4.6 - Manage External Accounts | 8 |
| 433 | 135 | Compromise of Managed Service Provider (MSP) Infrastructure | 13.5 - Manage Supplier Access | 9 |
| 434 | 135 | Compromise of Managed Service Provider (MSP) Infrastructure | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 435 | 136 | Abuse of Stored Cross-Site Scripting (XSS) Vulnerabilities | 8.4 - Perform Application Security Testing | 9 |
| 436 | 136 | Abuse of Stored Cross-Site Scripting (XSS) Vulnerabilities | 12.2 - Secure Software via Secure Coding Practices | 8 |
| 437 | 136 | Abuse of Stored Cross-Site Scripting (XSS) Vulnerabilities | 6.2 - Establish and Maintain a Baseline Configuration of Endpoints | 6 |
| 438 | 137 | Exploitation of Race Conditions in Applications | 12.2 - Secure Software via Secure Coding Practices | 8 |
| 439 | 137 | Exploitation of Race Conditions in Applications | 8.4 - Perform Application Security Testing | 7 |
| 440 | 137 | Exploitation of Race Conditions in Applications | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 441 | 138 | ARP Spoofing and Man-in-the-Middle Attacks on Local Networks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 8 |
| 442 | 138 | ARP Spoofing and Man-in-the-Middle Attacks on Local Networks | 6.3 - Implement and Manage Network Segmentation | 7 |
| 443 | 138 | ARP Spoofing and Man-in-the-Middle Attacks on Local Networks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 444 | 139 | DNS Spoofing and Cache Poisoning Attacks | 6.7 - Implement and Manage Domain Name System (DNS) Security | 9 |
| 445 | 139 | DNS Spoofing and Cache Poisoning Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 446 | 139 | DNS Spoofing and Cache Poisoning Attacks | 11.2 - Implement and Manage Web Browser Protections | 6 |
| 447 | 140 | Border Gateway Protocol (BGP) Hijacking | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 8 |
| 448 | 140 | Border Gateway Protocol (BGP) Hijacking | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 449 | 140 | Border Gateway Protocol (BGP) Hijacking | 1.4 - Establish and Maintain a Threat Intelligence Program | 6 |
| 450 | 141 | ICMP Flood Attacks | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 8 |
| 451 | 141 | ICMP Flood Attacks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 452 | 141 | ICMP Flood Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 453 | 142 | SYN Flood Attacks | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 9 |
| 454 | 142 | SYN Flood Attacks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 8 |
| 455 | 142 | SYN Flood Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 456 | 143 | Smurf Attacks | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 8 |
| 457 | 143 | Smurf Attacks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 458 | 143 | Smurf Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 459 | 144 | Fraggle Attacks | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 8 |
| 460 | 144 | Fraggle Attacks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 461 | 144 | Fraggle Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 462 | 145 | GTP Tunneling Exploits in Mobile Networks | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 463 | 145 | GTP Tunneling Exploits in Mobile Networks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 464 | 145 | GTP Tunneling Exploits in Mobile Networks | 1.4 - Establish and Maintain a Threat Intelligence Program | 5 |
| 465 | 146 | SIP Flood Attacks Targeting VoIP Infrastructure | 6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques | 9 |
| 466 | 146 | SIP Flood Attacks Targeting VoIP Infrastructure | 6.4 - Implement and Manage Network Infrastructure Device Hardening | 7 |
| 467 | 146 | SIP Flood Attacks Targeting VoIP Infrastructure | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 468 | 147 | LLMNR/NBT-NS Poisoning | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 7 |
| 469 | 147 | LLMNR/NBT-NS Poisoning | 6.3 - Implement and Manage Network Segmentation | 8 |
| 470 | 147 | LLMNR/NBT-NS Poisoning | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 6 |
| 471 | 148 | Pass-the-Hash Attacks | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 9 |
| 472 | 148 | Pass-the-Hash Attacks | 4.3 - Manage Privileged Access | 8 |
| 473 | 148 | Pass-the-Hash Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 474 | 149 | Pass-the-Ticket Attacks (Kerberoasting) | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 8 |
| 475 | 149 | Pass-the-Ticket Attacks (Kerberoasting) | 4.3 - Manage Privileged Access | 9 |
| 476 | 149 | Pass-the-Ticket Attacks (Kerberoasting) | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |
| 477 | 150 | Golden SAML Attacks | 4.1 - Establish and Maintain a Secure Access Control Policy and Procedures | 9 |
| 478 | 150 | Golden SAML Attacks | 4.3 - Manage Privileged Access | 8 |
| 479 | 150 | Golden SAML Attacks | 14.1 - Establish and Maintain a Security Logging and Monitoring Process | 7 |