How secure are your Critical and High-Value Assets?
The most valuable data, intellectual property (IP) and trade secrets which form the heart of an organisation’s identity are commonly referred to as its Crown Jewels. For most organisations up to 2% of total sensitive data constitutes the intellectual property and other enterprise critical data which represents an estimated 70% of the value of publicly traded corporations. A crown jewels approach relies on data asset classification to identifies the crown jewels and along with risk analysis, helps organisations prioritise security efforts and align security investment.
In an age of persistent targeted cyber attacks, a company's crown jewels have never been more vulnerable. The theft, misuse or corruption of these critical assets can cripple operations, severely damage brand reputation, and dramatically reduce shareholder value.
The 5 steps of a Crown Jewels approach
A Crown Jewels Assessment by Infosec Partners was developed to help organisations identify the cyber assets that are most critical to the accomplishment of its mission. As it identifies the assets that demand the most protection, it is commonly a foundation activity on which we base the over-arching Security Risk Asssessment.
Determine the data protection objectives and develop an organisational data model.
Understand data lifecycle/ environment and identify areas of critical data storage, traffic, access.
Establish baseline requirements and assess current controls to identify gaps and determine solutions.
Plan and prioritise technical and business process transformations. Design & implement solutions that protect critical data and aligns/enables business growth objectives.
Determine metrics and process for monitoring, response and communications and continually revalidate and improve program effectiveness.