Method to Identify High Value Assets for Small Government Agencies and Small to Mid-sized Organizations

In today’s increasingly connected world, it is more important than ever to ensure an organization’s information and information systems are protected from cyber threats. Every organization has critical information and technology assets that are essential to their business operations and require enhanced security. Organizational resources that can be dedicated to cybersecurity are finite; therefore, those resources should be applied deliberately and strategically focusing on the most important assets. While large cities, states and corporations, with robust IT capabilities, may be able to align their processes with federally mandated directives to identify those critical assets also deemed high value assets, the smaller government agencies and small to mid-sized organizations require a scalable and flexible process based on their individual requirements. This paper will describe a method for identifying high value assets that can be integrated into an organization’s or agency’s cybersecurity program