Build an Optimal Digital Asset Security Services Plan

Build the security your digital assets need, not the security you think you need.

Unlock

This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

Your Challenge

  • The main problem is digital assets are currently unsecured allowing for unwanted access and exfiltration of sensitive data resulting in major losses (IP or proprietary information) and major costs (detection, notification, data recovery, legal) to the organization.
  • IT has a limited budget to secure their digital assets from an increasingly more persistent and complex cyber threat. Data needs to be secured in multiple areas, across multiple mediums, but under budget restrictions causing jeopardizing security trade-offs.


Our Advice

Critical Insight

  • Conventional asset security attempts to secure the data and information in a static, case by case method: secure data residency, then where it is processed, then on the end point and so on. 
  • To be truly effective and optimize your security spend, a life cycle approach must be adopted that secures the entire life of the digital asset. 
  • All assets need to be looked at together and across all touch points to create an asset security system dedicated to preventing data theft or leaks, while also focusing on doing the most with the least.

Impact and Result

  • Create a holistic understanding of your organization's digital asset status and maturity level.
  • Secure your organization's digital assets in an optimal way to achieve the greatest benefit within your constraints.


Build an Optimal Digital Asset Security Services Plan

1

Identify digital assets and determine their enterprise value

Identify assets across the enterprise and assess their sensitivity, financial value, and competitive value to determine their overall enterprise value.

2

Analyze the life cycle of critical digital assets

Realize the complete life cycle of digital assets through touch-point identification and medium cross-over.

3

Assess current digital asset security systems

Analyze current asset security systems in place to gain hard understanding of how assets are currently secured.

4

Identify and prioritize asset security gaps

Determine current asset security gaps and prioritize those gaps based on importance, achievability, and the enterprise-determined risk tolerance level.

5

Create an asset security optimization action plan

Design an action plan that secures the organization's digital assets, meets the organization's requirements, aligns with its priorities, and increases its dollar spend effectiveness.

6

Build an asset security governance plan

Create a governance plan to ensure sustainable asset security through effective maintenance and revision, keeping up to date with new asset threats, and having a measurement process to ensure continued value.

Onsite Workshop

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Asset Identification, Evaluation, and Critical Asset Lifecycle Analysis

The Purpose

  • Comprehensively identify all digital assets within the organization and classify them based on enterprise value.
  • Find out which need to be secured based on their value as determined by the enterprise.
  • Classify the organizations digital value to realize what is most important to the sustainability and viability of the organization.

Key Benefits Achieved

  • Identify all relevant assets to the organization.
  • Arrive upon a final enterprise value of each asset based from a comprehensive evaluation.
  • Realize the complete life cycle nature of digital assets through touch point identification and medium cross over.

Activities:
Outputs

1.1

Identity your enterprise risk tolerance level

  • Enterprise Risk Tolerance

1.2

Identify your digital assets

  • Asset Identification

1.3

Evaluate the enterprise value of the data to the organization

  • Asset Value Determination
  • Value Determination Results

1.4

Swim lane analysis of critical assets

  • Life cycle Analysis

Module 2: Current Security Assessment and Gap Prioritization

The Purpose

  • Realize the benefit of data life cycle analysis.
  • Understand actual movement of your digital assets.
  • Document and identity life cycle movements of digital assets.

Key Benefits Achieved

  • Analyze current asset security systems in place to gain hard understanding of how assets are currently secured.
  • Identify the current requirements of asset security based on architectural, organizational, and security requirements.
  • Prioritize gaps and solutions based on importance, achievability, and the enterprise determined risk tolerance level.

Activities:
Outputs

2.1

Current Asset Security Analysis

  • Current Assessment

2.2

Risk Tolerance Identification

2.3

Enterprise Requirements Understanding

2.4

Gap Identification

  • Gap ID and Prioritization

2.5

Gap Prioritization

Module 3: Asset Security Optimization Plan

The Purpose

  • Evaluate your current digital asset security measures to understand your current capability and maturity levels.
  • Determine your starting point of asset security effectiveness.
  • Identity your security gaps.
  • Prioritize your security gaps.

Key Benefits Achieved

  • Create an action plan that secures the organization's digital assets, meets the organizations requirements, aligns with its priorities, and increases its dollar spend effectiveness.
  • Effectively implement each security system ensuring high end-user acceptance and senior management buy-in.

Activities:
Outputs

3.1

Encryption Implementation

  • Optimization Plan

3.2

DLP Implementation

3.3

Endpoint Security

3.4

End-User Education

3.5

Web Application Firewall, Application Penetration Testing and Cove Verification Implementation

Module 4: Asset Security Governance Plan

The Purpose

  • Develop an asset security action plan to effectively meet your asset security requirements.
  • Develop and establish asset security requirements for implementation and completion.
  • Ensure sustainable asset security.

Key Benefits Achieved

  • Creation of a governance plan to ensure sustainable asset security through effective maintenance and revision.
  • Keep up to date with new asset threats.
  • Determine when to review and when to revise.
  • Measure success continually.

Activities:
Outputs

4.1

Asset Security Governance Plan Creation

  • Asset Security Governance Policies

4.2

Device inventory process

  • Device Inventory Process

4.3

Threat intelligence sharing program

  • Ownership and Responsibility Allocation

4.4

Ownership and responsibility allocation

  • Review or Revision Trigger

4.5

Review and revision process creation

  • Threat Intelligence Program

Search Code: 74649
Published: April 10, 2014
Last Revised: April 15, 2014