By Caroline Faulder, Senior Manager – Strategy & Consulting, CyberCX UK

In today’s technologically advanced world, your organisation is reliant on digital assets to function and meet its business objectives. These digital assets are just as valuable to your organisation as physical assets like facilities, workstations and machinery. Unfortunately, they are also valuable to cyber criminals seeking financial gain through fraud, identity theft or ransom.

The importance of safeguarding your most valuable digital assets, known as your ‘crown jewels’, cannot be understated. Assets such as intellectual property, customer data, financial records or strategic plans, are vital to your organisation’s success and security. A compromise of these assets can have severe consequences, including financial losses, reputational damage, legal issues and operational disruptions.

Just as the Crown Jewels in the Tower of London are protected with multiple layers of security, your digital assets demand similar, if not more, attention and protection.

Identifying your Crown Jewels

The first, and most critical step, is to pinpoint what your crown jewels are. This task is not always clear-cut, as different organisations may value different types of data.

For example, consider what type of data you would be most upset about losing if you lost your phone. For some people, it would be your photographs and the cherished memories associated with them. For others, it would be your contact list and the associated connections with your network. It could be the vast collection of to-do lists, notes and reminders used to organise your life. The crown jewels in this analogy are different for each person, depending on how you use their phone and the value you place on the types of data stored within it.

To identify crown jewels, your organisation should undertake a thorough risk assessment against both its technological infrastructure and business functions. This assessment should gauge the potential repercussions of a security breach on various digital assets. The assets which result it the most severe scenarios are your crown jewels and their protection should be prioritised.

Protecting your Crown Jewels

Armed with this knowledge, your organisation can then decide on the best controls (or layers of security) to protect your crown jewels. Robust access controls are indispensable. They guarantee that only those with the proper credentials can access the crown jewels. Data encryption acts as another vital layer of protection, ensuring that even if data falls into the wrong hands, it remains indecipherable. Up-to-date backups mean you can recover your crown jewels if something does impact them.

Network segmentation, which entails dividing a computer network into smaller, isolated networks, can ensure that a compromise in one segment doesn’t jeopardise all of your crown jewels. Intrusion detection and monitoring systems can offer real-time notifications, ensuring swift action against any anomalies.

Yet, technology is only part of the solution. Periodic employee training and awareness initiatives can ensure that every individual within the organisation understands their role in safeguarding your crown jewels. A single misguided click by an uninformed employee can be the gateway to a significant breach.

External expertise and continuous review

Tapping into external expertise can help inform and validate your list of crown jewels. With their diverse client experiences, external consultants can provide insights that might elude an internal team and can assist in identifying effective and cost-efficient controls.

Moreover, the cybersecurity landscape is ever-evolving and threats that are pertinent today might be obsolete tomorrow. Continuous improvement, regular audits, and staying updated with the latest in cybersecurity are essential to ensure that your crown jewels remain well-guarded.

Be proactive

All organisations, regardless of your size and domain, can be attacked by cybercriminals targeting your crown jewels. Therefore, all organisations must recognise the value of their digital assets and take proactive measures to ensure their security. This process demands a comprehensive strategy that melds technology, people and processes to protect your crown jewels from harm.


Read more articles here.