Business is tough. So, the last thing any organization needs is a cyber attack.
Unfortunately, battling cyber-attacks is now an inevitable part of doing modern business. Data breaches happen with alarming frequency, businesses of all sizes (with smaller businesses being targeted more and more) are being held to ransom and the tools and techniques cyber criminals use are being made available on the dark web for anyone to learn or purchase.
The challenge this creates is an overwhelming cyber threat, in which potential breaches could come from numerous sources (including one’s own staff, even if little more than by accident) and affect numerous different areas of a business. Sadly, 100 percent protection is impossible to achieve. You can, of course, get close, but the closer you get to full protection, the more expensive and resource-intensive cyber defense becomes.
Focusing on the crown jewels
This is precisely why many businesses are choosing to focus on their crown jewels. These are the most valuable and critical digital assets an organization holds. Much like the British monarchy safeguards its actual crown jewels with tight security, due to the significant loss and reputational damage if they were to be stolen, the theft of a business’s crown jewels would, too, create irreparable loss and leave a stain on the brand name that could be even more damaging than the missing asset itself.
Crown jewels, in a business sense, may be sensitive information, IP, trade secrets, customer data, financial records, secure configuration data, core application configurations, strategic plans or any other data or resources that are vital to the success of the organization. Simply put, they are the single most important asset to the business, which, if removed, would quickly put an end to the organization forever.
The types of severe consequences of a breach or compromise of these assets include financial losses, reputational damage, legal and regulatory issues and operational disruptions.
It therefore follows that protecting the crown jewels must be of utmost importance. They must be protected at all costs but, first, they must be identified.
To identify your crown jewels, the best approach is to run an impact assessment against both your organization’s technology stack and business functions, evaluating the potential implications of a security breach on different digital assets being utilized. Quite simply, the assets that result in the most severe scenarios are your crown jewels.
After identifying and classifying assets, a risk assessment (to identify the threats and vulnerabilities applicable to those systems) should be performed to inform which controls should be implemented. It may well be that, to have reached this stage, a business has already selected a cyber security partner to support the identification of crown jewels, but if not, this is a stage at which I thoroughly recommend bringing in cyber experts.
A variety of cyber defense methods may be implemented at this stage, such as strong access controls, data encryption, proactive cyber threat intelligence gathering, network segmentation, and intrusion detection and monitoring. Putting these systems into place will take time and will, in some cases, require additional resources, but it is worth remembering the alternative of not being protected. Such defenses are healthy insurance for the continued success of a business.
As no cyber defense strategy will secure a business fully, there is always risk. As such, disaster recovery must also be considered for your crown jewels. A simple, yet highly effective, disaster recovery strategy is to run regular backups – should the crown jewels be compromised, you’ll have access to a recent copy. In cases such as ransom attacks, this is highly effective as all the leverage the cybercriminal expects to have becomes lost.
Humans are often the weakest link
A critical, often overlooked element of a best-practice cyber strategy is employee training and awareness. Humans are often the weakest link, susceptible to phishing and social engineering, meaning those who hold the keys to the crown jewels can often be convinced to hand them over. The aforementioned processes will step in as much as possible, but cybercriminals are relentless.
Training will help employees understand the part they play in an organization’s cyber defenses. It will show them what to look out for, the importance of following processes and not cutting corners, even if asked to by a superior (and in the world of deep fakes, where the CEO’s voice can be mimicked, this is crucial to follow).
Furthermore, training should include mapping out incident responses and planning for various scenarios, making for faster, more effective incident response in the face of a real breach. Again, engaging external expertise will further support this crucial stage of educating employees about the risks, the processes and the critical role they play in securing both the business and, to highlight the importance further, their jobs.
Businesses are facing a whole host of issues, with cyber security but one concern many organizations have on their plate right now. However, the crown jewels are crucial to a business and cyber security for these must be of paramount importance. Being prepared, setting up the right processes, educating staff and collaborating with cyber experts, will secure the business and ensure its resilience to whatever the storm brings.