Chapter 8Crown Jewels Are Not Always Shiny
It is not all gold bars and fancy equipment that I steal. A few times, we have worked with small companies. Like Cygenta, the company I run with my wife Jess, these small companies have few staff; maybe it's their first office, and they are taking security seriously.
On two particular occasions that I can recall, the client had some odd ideas about what they felt constituted their most valuable asset. I find it funny that some peers in security will often be heard saying, “Protect your crown jewels.” We all know what they mean by that, and I have no doubt said it in the past, too. But we need to qualify what we really mean. Some companies will just assume it the asset with the biggest price tag, maybe it is a gold bar in their safe (that story later), or maybe it is the new helicopter (also later). But what I mean by “crown jewels” is that piece of data, that thing, that object or person, that if it were to be stolen, kidnapped, or destroyed, would render the entire company broken beyond recovery.
We often go through a set of questions with new clients to get an understanding of what they are trying to do and, more importantly, what the driver behind it is. Sometimes, though, you cannot stop someone from spending money on something they do not need but really want.
Two clients had different assets in mind for us to try to steal. The first was an exceptionally large TV, the sort that is mounted on the wall in a large boardroom—the kind ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access