Protecting Crown Jewel Assets: What's Your Action Plan?
Whether it's your data, your customers' data, or your partners' data, your reputation and your entire business can all be gone with a single breach if you haven't secured the crown jewels assets on your network.
Every organization has “crown jewels.” You may know them as toxic assets, high-value assets, or mission critical systems. Examples include:
- Customer account information
- Active Directory
- Client data
- Document management system (DMS)
- Personally identifiable information (PII)
- Payment systems
After years of devastating global breaches, many organizations are moving security behind the external perimeter and beyond the firewall, ringfencing their crown jewel applications from other applications and points of entry using microperimeters. Increasingly, regulations such as SWIFT and PCI also mandate segmentation within your network; but the threat of becoming a cautionary tale carries its own sting for businesses with assets worth protecting.
Even beyond the benefits of securing crown jewel assets, there are hard dollar savings to stopping the spread of breaches anywhere on the network. In the 2018 Ponemon Institute report sample, companies that contained a breach in fewer than 30 days saved over $1 million compared to those that took more than 30 days.
Unfortunately, worst case scenarios likely aren't enough to build consensus and gain buy-in with your organization. And while the benefits of being able to apply specific restrictions to your most valuable assets should be obvious, exactly how to achieve it is a stumbling block for many organizations.
So how do you build a solid business case and a practical plan of action to secure your "crown jewels" and avoid the unthinkable?
Your action plan should address these questions:
- How do you value your crown jewel applications?
- What is the cost of status quo security and the benefit of a new way?
- Which stakeholders should you bring to the table?
- What solution is right for you?
- How can you ensure successful deployment and operationalize it to become a security superhero?
We cover each of these topics and more in our best practice guide on how to secure your crown jewel applications.