In recent cyber trends, many adversaries can remain hidden for a month before detection, Many reputed organizations are still struggling to stop attackers from intruding into their internal network/system. In this case, we need some proactive approaches to defend against these attacks.
Crown Jewels Analysis is a process or a technique to identify the cyber assets to accomplish an organization’s mission. Hence it plays a vital role in providing a methodology that helps to understand what is most critical—beginning during systems development and continuing through system deployment.
How it Works ?
In short summary it’s a strategy to identify or prioritize organization assets to prevent or mitigate cyber risks, hence assets include servers, workstations, etc, it generally depends on the organization’s postures.
- Establishing Mission Priority
- Identifying mission dependance
- Mission impact analysis
- Threat assessment
- Risk remediation analysis
The first and foremost process of crown jewels analysis is to prioritize an asset in an organization, generally, assets classification is generally classified into three major tiers
Tier 1: Public Information
Tier 2: Internal Information
Tier 3: Restricted Information
The main focus of CJA is to concentrate more on Tier: 3 [Restricted Information], hence before implementing CJA it’s been more important to have a well-defined or well-classified asset classification. And to prioritize assets that are more important or more commonly used.
Also Read: What is the MITRE ATT&CK Framework? How Is It Useful
- Threat Assessment & Remediation Analysis (TARA)
- Cyber Command System
Threat Assessment & Remediation Analysis
Threat Assessment & Remediation Analysis (TARA) is an engineering methodology to identify, prioritize, and respond to cyber threats through the application of countermeasures that reduce susceptibility to cyber-attack. TARA is a system-level engineering practice within the MITRE Mission Assurance Engineering (MAE)
Cyber Command System
The tool addresses the objective of improved mission assurance in cyberspace by enabling the mapping of mission operations to the network operations that support those missions. This tool provides mission-impact assessment through situational awareness and impacts analysis. CyCS addresses mission-assurance challenges for highly distributed enterprise systems through vulnerability, threat, and consequence management.
CJA will provide mission-impact assessment through impact analysis in addition to TARA and CYCS.