About the Program
The National Cybersecurity Center (NCC) created an assessment initiative tailored for state, local, tribal & territorial (SLTT) organizations. This program aims to accurately assess the operational fallout of cyberattacks and facilitate informed security investment decisions for critical functions.
Crown Jewels Identified
Departments Interviewed
Organizations Assessed
Methodology
Employing a meticulously developed methodology by MITRE, the program utilizes the Crown Jewels Analysis framework. By assessing dependencies and conducting Failure Modes Effects Analysis, this framework identifies and prioritizes critical assets.
Operational Insight: Recognizing the necessity for heightened awareness of cyber-attack implications, particularly in the context of constrained budgets, the program endeavors to equip organizations with the capability for effective business continuity planning and operational resilience.
Holistic Approach: Emphasizing the inadequacy of existing assessments, which often center solely on IT concerns, the program seeks to provide a holistic understanding of cyber-attack impacts on entire organizations setups, working with each department individually.
Deliverables
Impact Analysis
Evaluation of asset failure impacts on organizational mission objectives and department-specific critical tasks.
Crown Jewels List
Compilation of top priority assets necessitating protection based on criticality and impact analyses.
Recommendations
Tactical guidance on asset protection strategies, encompassing both technical and procedural aspects.
Tabletop Exercises
Practical simulations based on impact analysis scenarios to enhance preparedness and response capabilities.