MITRE's Crown Jewels Analysis (CJA) is a process and corresponding toolset for identifying those cyber assets that are most critical to the accomplishment of an organization's mission. Successfully used for many years to help government sponsors make their systems more resilient, CJA provides a rigorous, mission-decomposition approach to uncover vital mission dependencies –even those that are too subtle for less rigorous methods to detect. CJA captures not only mission-level impacts, but also task- and function-level impacts, useful for developing mitigation strategies and operate-through procedures.
What Is the Need?
Advanced Persistent Threats (APTs) can maintain a persistent presence in mission networks. We need to be able to “fight through” an APT attack with resilient systems and effective procedures. It is not cost effective to design every cyber asset to operate through an attack. Instead, we must find the mission-critical cyber assets—the “crown jewels”--and assure they can operate through.
Key Benefits of CJA
- Rigorous, repeatable, self-documenting
- Provides insight into ops impact of failures
- Program offices gain understanding of user needs and system requirements
- Flexible to fit data availability
- Used on Air Force, Navy, Missile Defense Agency projects for many years
- Results support mission-based risk management
To discuss licensing or collaboration activities, please contact us.