Every company has a Critical Asset (CA) which, if lost, would cause severe damage to its reputation or financial wellbeing. Security budgets are often best spent protecting these critical assets. Building the proper Policies and Procedures to preserve Critical Assets often involve multiple individuals both inside and outside your organization.
The frequency, sophistication, and variety of attacks perpetrated against a company CA will often support the idea that security must be implemented through layered and diverse protection mechanisms, an approach sometimes referred to as "defense-indepth." These layers of protection often require joint planning exercises by internal and external experts in the physical, human, and cyber domains.
Maintaining security around your CA will require constant effort, corporate resources, and vigilance. Securely monitoring your CA on a daily basis is essential.
Maintaining security will usually involve the following steps:
Employees with access to your CA must: