Search
Close this search box.

Unveiling the Power of Crown Jewels Analysis

Vivian Lee

The Crown Jewels Analysis

In the ever-evolving world of cybersecurity, it’s easy to get lost in a sea of complex tools, software, and acronyms. One approach that has proven to be invaluable is the concept of crown jewels analysis. MITRE explains that this process “provides a repeatable approach to capturing knowledge from organizational Subject Matter Experts (SMEs), documenting known dependencies, and prioritizing assets based on their criticality to mission.”

Airiam’s CEO, Conor Quinlan, firmly believes that simplifying the conversation is key for executives and business owners. The concept is important, but the “Who” and “How” aspects often involve overwhelming technical jargon. Let’s explore how crown jewels analysis can help businesses prioritize their assets and protect what truly matters.

Unveiling the Crown Jewels

Imagine your business as a fortress, filled with valuable treasures.

Your business is a fortress, and your assets are your crown jewels

These treasures, or crown jewels, represent the critical assets that need the utmost protection. The analysis enables businesses to identify and understand these vital components. It goes beyond the surface-level vulnerabilities and focuses on pinpointing what truly matters. So, how do you know which assets are your crown jewels?

Identifying Your Crown Jewels

Airiam’s Field CISO/CIO, Art Ocain, has first-hand experience in consulting with clients who have no idea what is important to their business’s livelihood, and that’s concerning. Before you can protect your business, you need to know what you’re protecting.

The first step in crown jewels analysis is to identify your crown jewels. This involves determining the systems, data, or processes that are essential for your business’s success.

Ask yourself:

  • What generates revenue?
  • What supports our core business functions?
  • Is it intellectual property, customer records, or sensitive financial data?

By understanding these critical elements, you can start building a strong foundation for your cybersecurity strategy.

Prioritizing Protection

Once you have identified your crown jewels, it’s crucial to prioritize their protection. Remember, not all assets are created equal. Some are more vulnerable and valuable than others.

For example

You’re a healthcare company called Jewel Health. You specialize in children’s health.

Two assets you have are your electronic health records (EHR) and research and development (R&D) database. Both contain sensitive information that affect the company’s ability to function.

The EHR contains: The R&D database stores:
Medical history Valuable research findings
Treatment plans Experimental data
Personal identifiers Proprietary information

While a breach on the R&D database would have a huge impact on Jewel Health’s work, a breach of the EHR system could have more severe consequences, including legal liabilities, reputational damage, and potential harm to patients. The analysis allows you to evaluate the impact and potential risks associated with each asset. This information empowers you to allocate resources effectively and implement robust security measures where they matter most.

Overcoming Challenges

Implementing crown jewels analysis may pose some challenges. Many businesses struggle to identify their most valuable assets and the supporting data behind them. Conducting workshops and engaging stakeholders in the process can help shed light on these critical components. It requires collaboration and a deep dive into the inner workings of your business. But once you uncover your critical assets, the path to effective cybersecurity becomes clearer. Truthfully, identifying those key assets is the biggest hurdle for most cases.

The Power of Simplicity

One of the remarkable aspects of the crown jewels analysis is its ability to simplify the complex cybersecurity landscape. By focusing on what truly matters, we can bypass the overwhelming technical jargon and acronyms. Executives and business owners can gain clarity and make informed decisions without getting lost in the intricate details. It’s about understanding the big picture and taking action to secure your critical assets.

In an era where cybersecurity is a top concern for businesses of all sizes, the crown jewels analysis provides a powerful framework for simplifying the conversation and protecting what matters most. By identifying your crown jewels, prioritizing their protection, and embracing simplicity, you can navigate the complex cybersecurity landscape with confidence. So, let’s embark on this journey together, safeguarding our critical assets and fortifying our businesses against the ever-present threats in the digital realm.

Watch The Video

 

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

The Importance of Backups for Your Business

The Importance of Backups for Your Business In today’s digital age, businesses rely on computer systems and data storage to run their operations. As such, it’s crucial to have a backup system in place to ensure that critical data can be restored in the
Avatar photo
Joshua King
>>Read More

Patching in VMware

  VMware is Frequent Attack Target Cybercriminals have been targeting VMware and vCenter more than ever, exploiting newly discovered vulnerabilities with ease. Without high availability redundancies in place to facilitate patching, organizations c
Avatar photo
Art Ocain
>>Read More

MFA and EDR is a Minimum, Disaster Recovery is Required

   Disaster Recovery Should Be Mandatory Businesses of all sizes are becoming increasingly reliant on technology to drive their operations. However, this growing dependence on technology also opens the door to various cybersecurity threats that
Avatar photo
Art Ocain
>>Read More