Crown Jewel Analysis - Focus on What Really Matters

Crown Jewels Analysis: Identify critical IT systems and data. Protect what truly matters.

Abstrakte Netzstruktur aus leuchtenden, verbundenen Punkten auf dunklem Hintergrund.

Not every IT system and not every piece of information is equally important. Many companies invest their security budgets based on the watering can principle: a bit of firewall here, some antivirus there. But if an attack hits the truly critical systems, even the best protection of the peripheral systems will not help.

A warning example was the attack on the Colonial Pipeline in 2021 in the USA. A ransomware attack shut down the country's largest fuel pipeline for several days. It was not the entire company that was affected, but rather a single critical component. The consequences were nevertheless enormous: supply shortages, panic buying at gas stations, and billions in losses. This shows that if you don't know your crown jewels, you're protecting the wrong end.

What are "Crown Jewels"?

Crown jewels are the systems, data, and processes without which a company would not be viable. This can vary greatly depending on the industry:

  • In production: control systems that keep machines running.

  • In commerce: customer databases or payment systems.

  • In research: intellectual property and development data.

  • In healthcare: patient data and critical infrastructure.

The challenge lies in clearly identifying and prioritizing these crown jewels.

Why is this so important?

Attackers are specifically looking for vulnerabilities that cause the greatest damage. For them, attacking a little-used subsidiary system is uninteresting. Instead, they target systems with a high business impact. When these systems are compromised, business can come to a standstill within hours.

Example: In the cyberattack on a European industrial company in 2023, office IT and emails were also affected. It only became critical when the production control was paralyzed. Each day of downtime meant millions in losses.

The Steps of a Crown Jewel Analysis

  1. Identification: Which systems and data are truly critical for the business?

  2. Evaluation: What damage occurs in the event of loss, manipulation, or failure?

  3. Prioritization: Strengthen protective measures where the business impact is greatest.

  4. Protective measures: Multi-layered protection of the crown jewels - from Zero Trust to backup strategies.

  5. Regular review: Crown jewels can change, for example, due to new products or markets.

How ODCUS Supports

At ODCUS, we conduct structured crown jewel analyses that connect business and IT:

  • Workshops with management and departments to understand the real core processes.

  • Creation of a priority list based on business impact, not just technology.

  • Development of tailored protective measures: from enhanced monitoring to redundancy concepts.

  • Clear dashboards showing how crown jewels are protected.

The result: a clear picture of where investments have the most impact – and a security strategy that protects your business, not just your infrastructure.

Conclusion: If you protect everything equally, you end up protecting nothing properly. The crown jewel analysis provides clarity and ensures that the truly critical assets are robustly defended.

Does this topic concern you?

Effortlessly schedule a conversation and discover how we bring success in the digital world to your company.

Schedule a non-binding conversation

Contact us!

Grabenstrasse 15a

6340 Baar

Switzerland

info@odcus.com

+41 43 217 86 70

Navigation

Homepage

Services

Blogs

About Us

Contact

Copyright © 2025 ODCUS | All rights reserved.

Legal Notice

Data Protection