Book Image

Practical Cybersecurity Architecture - Second Edition

By : Diana Kelley, Ed Moyle
Book Image

Practical Cybersecurity Architecture - Second Edition

By: Diana Kelley, Ed Moyle

Overview of this book

Cybersecurity architecture is the discipline of systematically ensuring that an organization is resilient against cybersecurity threats. Cybersecurity architects work in tandem with stakeholders to create a vision for security in the organization and create designs that are implementable, goal-based, and aligned with the organization’s governance strategy. Within this book, you'll learn the fundamentals of cybersecurity architecture as a practical discipline. These fundamentals are evergreen approaches that, once mastered, can be applied and adapted to new and emerging technologies like artificial intelligence and machine learning. You’ll learn how to address and mitigate risks, design secure solutions in a purposeful and repeatable way, communicate with others about security designs, and bring designs to fruition. This new edition outlines strategies to help you work with execution teams to make your vision a reality, along with ways of keeping designs relevant over time. As you progress, you'll also learn about well-known frameworks for building robust designs and strategies that you can adopt to create your own designs. By the end of this book, you’ll have the foundational skills required to build infrastructure, cloud, AI, and application solutions for today and well into the future with robust security components for your organization.
Table of Contents (15 chapters)
Part 1: Security Architecture
Part 2: Building an Architecture
Part 3: Execution

Understanding the need for cybersecurity

“I think it’s useful to recognize that different stakeholders have different viewpoints. As an example, imagine you are standing on a hill: in front of you there is a valley and mountains to the east and west. Multiple people in that same setting will have a different viewpoint depending on where they are standing and the direction they look. This is similar to enterprise architecture: different disciplines, users, and stakeholders have a different view depending on their focus. The security architect needs to be able to see all these views at the same time. This is because security is a cross-cutting architectural concept that can’t be singled out and put into its own, separate box. Instead, it needs to cut across the whole organization and take these different viewpoints into account.”

– John Sherwood, Chief Architect, thought leader, and co-Founder of The SABSA Institute

There are numerous unknowns involved in putting the right plan in place for security in a given organization. Creating the right plan involves answering tough questions such as the following:

  • What will attackers do next?
  • How will their techniques evolve in ways we haven’t planned for?
  • How will new technologies impact our organization’s security model?
  • How will new business opportunities impact our security?
  • How can we know that we’re secure – that we’ve secured the organization appropriately?
  • How do we use our limited resources in the best way possible?

There’s no magic bullet, panacea, or sure-fire way to answer all these questions. But some strategies help do so.

Cybersecurity architecture, the discipline of strategically planning out the security measures of the organization, is one of those strategies. As cybersecurity architects, we will work to create a blueprint for security measures in our organizations. We’ll plan out what the security profile should look like – and subsequently, work with stakeholders in the organization to make the plan a reality.

Security architecture provides us with a systematic way to guide our organizations to the most effective security measures – to identify where they will provide the most benefit, who they’ll provide the most value to, when they should be implemented, and why the organization should select one over another. It can help us know whether the measures we put in place perform effectively and do what we need them to do. It can help us know that the resources we have are being used optimally and efficiently.

All this doesn’t happen magically. Cybersecurity architecture takes work. It involves creating the long-term vision for security, selling that vision to stakeholders throughout the organization, charting a realistic roadmap to move from the current state to the proposed future state, working with subject matter experts and others in the organization to execute the roadmap, reacting to unexpected developments and unforeseen challenges, and ultimately working over the long term to implement improvements.

The reality is that architecture is a craft. And like any craft, it involves a combination of artistry, creativity, planning, and knowledge. Also, like any craft, becoming a master takes time, persistence, and discipline – though it’s accessible to anyone willing to put in the time and persistence to learn.

We’ve written this book for two reasons:

  • First, we hope to provide someone new to a security architecture role with a roadmap that they can follow to be successful in their job. To do that, we’ve tried to outline the methods and techniques that have worked for us and distill down guidance from successful architects in the field about what’s worked for them. For someone completely new, this allows them to get started quickly and get a jump on the learning curve.
  • Second, for more experienced professionals, we’ve tried to provide insights and tips that will help them improve. There are as many ways to be a cybersecurity architect as they are architects themselves and there’s no right or wrong way to do it (the right way is the way that works for them). By pulling together experiences from an array of practitioners, we hope that some of their techniques can help spark creative new approaches in your practice that lead you to a higher level of proficiency.

Understanding the need for cybersecurity is only the first step in this book. To develop the best, most robust cybersecurity, you need to plan the architecture of your systems. In the next section, we’ll gain a fundamental understanding of cybersecurity architecture.