- The main problem is digital assets are currently unsecured allowing for unwanted access and exfiltration of sensitive data resulting in major losses (IP or proprietary information) and major costs (detection, notification, data recovery, legal) to the organization.
- IT has a limited budget to secure their digital assets from an increasingly more persistent and complex cyber threat. Data needs to be secured in multiple areas, across multiple mediums, but under budget restrictions causing jeopardizing security trade-offs.
- Conventional asset security attempts to secure the data and information in a static, case by case method: secure data residency, then where it is processed, then on the end point and so on.
- To be truly effective and optimize your security spend, a life cycle approach must be adopted that secures the entire life of the digital asset.
- All assets need to be looked at together and across all touch points to create an asset security system dedicated to preventing data theft or leaks, while also focusing on doing the most with the least.
Impact and Result
- Create a holistic understanding of your organization's digital asset status and maturity level.
- Secure your organization's digital assets in an optimal way to achieve the greatest benefit within your constraints.
1. Identify digital assets and determine their enterprise value
Identify assets across the enterprise and assess their sensitivity, financial value, and competitive value to determine their overall enterprise value.
2. Analyze the life cycle of critical digital assets
Realize the complete life cycle of digital assets through touch-point identification and medium cross-over.
3. Assess current digital asset security systems
Analyze current asset security systems in place to gain hard understanding of how assets are currently secured.
4. Identify and prioritize asset security gaps
Determine current asset security gaps and prioritize those gaps based on importance, achievability, and the enterprise-determined risk tolerance level.
5. Create an asset security optimization action plan
Design an action plan that secures the organization's digital assets, meets the organization's requirements, aligns with its priorities, and increases its dollar spend effectiveness.
6. Build an asset security governance plan
Create a governance plan to ensure sustainable asset security through effective maintenance and revision, keeping up to date with new asset threats, and having a measurement process to ensure continued value.
This guided implementation is a six call advisory process.
Call #1 - Identify digital assets and determine their enterprise value
Identify your digital assets and their characteristics across your organization. Assist in evaluating your assets based on their enterprise value.
Call #2 - Analyze the life cycle of critical digital assets
Develop a deep understanding of the data flow and touch points throughout the organization. Review the data residency, all its touch points, and actual lines of flow.
Call #3 - Assess current digital asset security systems
Determine your security systems' maturity and capability levels by reviewing current security systems and their capabilities and features as well as developing your architectural and organizational requirements.
Call #4 - Identify and prioritize asset security gaps
Evaluate your identified gaps and assess their importance and achievability in your organization. Help identify any unaccounted for considerations that need input.
Call #5 - Build a digital asset security optimization action plan
Walk through the creation of an action plan for implementation of new data protection systems.
Call #6 - Build an asset security governance plan
Maintain asset security sustainability. Discuss various processes to be implemented.
Book Your Workshop
Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Asset Identification, Evaluation, and Critical Asset Lifecycle Analysis
- Comprehensively identify all digital assets within the organization and classify them based on enterprise value.
- Find out which need to be secured based on their value as determined by the enterprise.
- Classify the organizations digital value to realize what is most important to the sustainability and viability of the organization.
Key Benefits Achieved
- Identify all relevant assets to the organization.
- Arrive upon a final enterprise value of each asset based from a comprehensive evaluation.
- Realize the complete life cycle nature of digital assets through touch point identification and medium cross over.
Identity your enterprise risk tolerance level
- Enterprise Risk Tolerance
Identify your digital assets
- Asset Identification
Evaluate the enterprise value of the data to the organization
- Asset Value Determination
- Value Determination Results
Swim lane analysis of critical assets
- Life cycle Analysis
Module 2: Current Security Assessment and Gap Prioritization
- Realize the benefit of data life cycle analysis.
- Understand actual movement of your digital assets.
- Document and identity life cycle movements of digital assets.
Key Benefits Achieved
- Analyze current asset security systems in place to gain hard understanding of how assets are currently secured.
- Identify the current requirements of asset security based on architectural, organizational, and security requirements.
- Prioritize gaps and solutions based on importance, achievability, and the enterprise determined risk tolerance level.
Current Asset Security Analysis
- Current Assessment
Risk Tolerance Identification
Enterprise Requirements Understanding
- Gap ID and Prioritization
Module 3: Asset Security Optimization Plan
- Evaluate your current digital asset security measures to understand your current capability and maturity levels.
- Determine your starting point of asset security effectiveness.
- Identity your security gaps.
- Prioritize your security gaps.
Key Benefits Achieved
- Create an action plan that secures the organization's digital assets, meets the organizations requirements, aligns with its priorities, and increases its dollar spend effectiveness.
- Effectively implement each security system ensuring high end-user acceptance and senior management buy-in.
- Optimization Plan
Web Application Firewall, Application Penetration Testing and Cove Verification Implementation
Module 4: Asset Security Governance Plan
- Develop an asset security action plan to effectively meet your asset security requirements.
- Develop and establish asset security requirements for implementation and completion.
- Ensure sustainable asset security.
Key Benefits Achieved
- Creation of a governance plan to ensure sustainable asset security through effective maintenance and revision.
- Keep up to date with new asset threats.
- Determine when to review and when to revise.
- Measure success continually.
Asset Security Governance Plan Creation
- Asset Security Governance Policies
Device inventory process
- Device Inventory Process
Threat intelligence sharing program
- Ownership and Responsibility Allocation
Ownership and responsibility allocation
- Review or Revision Trigger
Review and revision process creation
- Threat Intelligence Program