Skip to content

How to Become the Boss of Your Digital Assets

Apr 11, 2018

Cybersecurity is a high-stakes game. Understanding the key differences between various types of cyber information is critical to a strong information security program. Organizations that take the time to understand the value of the digital assets they are protecting are more likely to leave the table as winners.

What Is At Stake?

What exactly is a digital asset? A digital asset is any form of proprietary content in electronic format. In today’s world, more and more companies maintain information in digital form. Some industries even have incentive programs (such as the Medicare and Medicaid Electronic Health Records (EHR) Incentive Programs) to facilitate the use of electronic records. The implications to these businesses and their clients could be catastrophic if those assets are lost, stolen, inappropriately manipulated, or subject to unauthorized access. Thus, it is critical for business owners to know both what digital assets they have in play and how to protect those assets.

Examples of high-value digital assets include:

  • customer lists,
  • ACH/wire transactions,
  • payroll information,
  • proprietary manufacturing processes, and
  • product launch plans.

If something happens to these assets, the impact could go beyond the immediate financial hit to include a damaged reputation or a weaker competitive position.

3 Steps for Assessing Risks to Digital Assets

Protecting digital assets begins with a thorough risk assessment. This assessment should include the following key steps:

  1. Identify and prioritize digital assets. Consider the value of digital assets not only from your company’s perspective, but also from that of criminals, disgruntled employees, and competitors.
  2. Know where assets reside. Identify every place where digital assets are in use, at rest, or in transit – known as “states of data.” These “touchpoints” may include local workstations, portable devices, local networks, data centers, or email servers.
  3. Understand the risks of using third parties. Businesses that outsource asset management cannot offload the responsibility to sustain cybersecurity. They are responsible for knowing how those third parties protect those assets. Part of this knowledge may require a service organization control (SOC) report. A SOC report assesses the controls that service providers (e.g., data centers, software-as-a-service companies, etc.) have in place to maintain the integrity of their processes, systems, and data.

Strengthen Your Cybersecurity Posture

Working in the digital arena involves inherent risk. After assessing the value of the digital assets your business holds, you are prepared to take the next step in strengthening your cybersecurity: designing effective controls. Contact CRI’s cybersecurity team to discuss how your organization can uncover its risks and protect the assets that matter most.

Relevant insights

Join Our Conversation

Subscribe to our e-communications to receive the latest accounting and advisory news and updates impacting you and your business.

This field is for validation purposes and should be left unchanged.