Crown Jewels Analysis.

A MITRE-popularized methodology that identifies the small set of mission-critical assets whose loss would unacceptably harm the organization, then concentrates protection, monitoring, and IR investment there. It belongs to the Defense & Operations category of cybersecurity.

A MITRE-popularized methodology that identifies the small set of mission-critical assets whose loss would unacceptably harm the organization, then concentrates protection, monitoring, and IR investment there.

Crown Jewels Analysis (CJA) is a methodology formalized by MITRE in the mid-2010s and incorporated into the U.S. DoD's mission-assurance practice. The premise: most organizations cannot harden everything to the same level, and most adversaries don't care about everything either. CJA produces a ranked, justified list of the assets — datasets, systems, applications, identities, processes — whose compromise or loss would produce unacceptable mission, business, regulatory, or reputational impact, and the dependencies (network paths, credentials, supporting services) that lead to them. The output drives where to concentrate defense-in-depth controls (segmentation, monitoring tier, IR tabletop priority, cyber-insurance scoping, recovery RTO/RPO), what threat models to take most seriously, and which paths in attack-graph terms to disrupt first. CJA is often a precursor to attack-path analysis, MITRE ATT&CK technique prioritization, and adversary-emulation scoping. It is also a common requirement of cyber-insurance underwriting and of regulator-led resilience reviews (DORA, NIS2, U.S. DOD CMMC).

Defences for Crown Jewels Analysis typically combine technical controls and operational practices, as detailed in the full definition above.

Common alternative names include: CJA, Mission-critical asset analysis.