Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Cybersecurity Architecture

You're reading from   Practical Cybersecurity Architecture A guide to creating and implementing robust designs for cybersecurity architects

Arrow left icon
Product type Paperback
Published in Nov 2020
Publisher Packt
ISBN-13 9781838989927
Length 418 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Diana Kelley Diana Kelley
Author Profile Icon Diana Kelley
Diana Kelley
Ed Moyle Ed Moyle
Author Profile Icon Ed Moyle
Ed Moyle
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Section 1:Security Architecture
2. Chapter 1: What is Cybersecurity Architecture? FREE CHAPTER 3. Chapter 2: The Core of Solution Building 4. Section 2: Building an Architecture
5. Chapter 3: Building an Architecture – Scope and Requirements 6. Chapter 4: Building an Architecture – Your Toolbox 7. Chapter 5: Building an Architecture – Developing Enterprise Blueprints 8. Chapter 6: Building an Architecture – Application Blueprints 9. Section 3:Execution
10. Chapter 7: Execution – Applying Architecture Models 11. Chapter 8: Execution – Future-Proofing 12. Chapter 9: Putting It All Together 13. Other Books You May Enjoy

Understanding the need for cybersecurity

"I think it's useful to recognize that different stakeholders have different viewpoints. As an example, imagine you are standing on a hill: in front of you there is a valley and mountains to the east and west. Multiple people in that same setting will have a different viewpoint depending on where they are standing and the direction they look. This is similar to enterprise architecture: different disciplines, users, and stakeholders have a different view depending on their focus. The security architect needs to be able to see all these views at the same time. This is because security is a cross-cutting architectural concept that can't be singled out and put into its own, separate box. Instead, it needs to cut across the whole organization and take these different viewpoints into account."

– John Sherwood, Chief Architect, thought leader, and co-Founder of The SABSA Institute

There are numerous unknowns involved in putting the right plan in place for security in a given organization. Creating the right plan involves answering tough questions such as the following:

  • What will attackers do next?
  • How will their techniques evolve in ways we haven't planned for?
  • How will new technologies impact our organization's security model?
  • How will new business opportunities impact our security?
  • How can we know that we're secure – that we've secured the organization appropriately?
  • How do we use our limited resources in the best way possible?

There's no magic bullet, panacea, or sure-fire way to answer all these questions. But there are strategies that help do so.

Cybersecurity architecture, the discipline of planning out strategically the security measures of the organization, is one of those strategies. As cybersecurity architects, we will work to create a blueprint for security measures in our organizations. We'll plan out what the security profile should look like – and subsequently work with stakeholders in the organization to make the plan a reality.

Security architecture provides us with a systematic way to guide our organizations to the most effective security measures; to identify where they will provide the most benefit, who they'll provide the most value to, when they should be implemented, and why the organization should select one over another. It can help us know whether the measures we put in place perform effectively and do what we need them to do. It can help us know that the resources we have are being used in an optimal and efficient way.

All this doesn't happen magically. Cybersecurity architecture takes work. It involves creating the long term "vision" for security, "selling" that vision to stakeholders throughout the organization, charting a realistic roadmap to move from the current state to the proposed future state, working with subject matter experts and others in the organization to execute the roadmap, reacting to unexpected developments and unforeseen challenges, and ultimately working over the long term to implement improvements.

The reality is that architecture is a craft. And like any craft, it involves a combination of artistry, creativity, planning, and knowledge. Also, like any craft, becoming a master takes time, persistence, and discipline – though it's accessible to anyone willing to put in the time and persistence to learn.

We've written this book for two reasons. First, we hope to provide someone new to a security architecture role a roadmap that they can follow to be successful in their jobs. To do that, we've tried to outline the methods and techniques that have worked for us and distill down guidance from successful architects in the field about what's worked for them. For someone completely new, this allows them to get started quickly and get a jump on the learning curve.

Second, for more experienced professionals, we've tried to provide insights and tips that will help them improve. There are as many ways to be a cybersecurity architect as there are architects themselves and there's no right or wrong way to do it (the right way is the way that works). By pulling together experiences from an array of practitioners, our hope is that some of their techniques can help spark creative new approaches in your own practice that lead you to a higher level of proficiency.

Understanding the need for cybersecurity is only the first step in this book. To develop the best, most robust cybersecurity, you need to plan the architecture of your systems. In the next section, we'll gain a fundamental understanding of cybersecurity architecture.

You have been reading a chapter from
Practical Cybersecurity Architecture
Published in: Nov 2020
Publisher: Packt
ISBN-13: 9781838989927
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime