Book Image

Practical Cybersecurity Architecture

By : Ed Moyle, Diana Kelley
Book Image

Practical Cybersecurity Architecture

By: Ed Moyle, Diana Kelley

Overview of this book

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.
Table of Contents (14 chapters)
1
Section 1:Security Architecture
4
Section 2: Building an Architecture
9
Section 3:Execution

Understanding the need for cybersecurity

"I think it's useful to recognize that different stakeholders have different viewpoints. As an example, imagine you are standing on a hill: in front of you there is a valley and mountains to the east and west. Multiple people in that same setting will have a different viewpoint depending on where they are standing and the direction they look. This is similar to enterprise architecture: different disciplines, users, and stakeholders have a different view depending on their focus. The security architect needs to be able to see all these views at the same time. This is because security is a cross-cutting architectural concept that can't be singled out and put into its own, separate box. Instead, it needs to cut across the whole organization and take these different viewpoints into account."

– John Sherwood, Chief Architect, thought leader, and co-Founder of The SABSA Institute

There are numerous unknowns involved in putting the right plan in place for security in a given organization. Creating the right plan involves answering tough questions such as the following:

  • What will attackers do next?
  • How will their techniques evolve in ways we haven't planned for?
  • How will new technologies impact our organization's security model?
  • How will new business opportunities impact our security?
  • How can we know that we're secure – that we've secured the organization appropriately?
  • How do we use our limited resources in the best way possible?

There's no magic bullet, panacea, or sure-fire way to answer all these questions. But there are strategies that help do so.

Cybersecurity architecture, the discipline of planning out strategically the security measures of the organization, is one of those strategies. As cybersecurity architects, we will work to create a blueprint for security measures in our organizations. We'll plan out what the security profile should look like – and subsequently work with stakeholders in the organization to make the plan a reality.

Security architecture provides us with a systematic way to guide our organizations to the most effective security measures; to identify where they will provide the most benefit, who they'll provide the most value to, when they should be implemented, and why the organization should select one over another. It can help us know whether the measures we put in place perform effectively and do what we need them to do. It can help us know that the resources we have are being used in an optimal and efficient way.

All this doesn't happen magically. Cybersecurity architecture takes work. It involves creating the long term "vision" for security, "selling" that vision to stakeholders throughout the organization, charting a realistic roadmap to move from the current state to the proposed future state, working with subject matter experts and others in the organization to execute the roadmap, reacting to unexpected developments and unforeseen challenges, and ultimately working over the long term to implement improvements.

The reality is that architecture is a craft. And like any craft, it involves a combination of artistry, creativity, planning, and knowledge. Also, like any craft, becoming a master takes time, persistence, and discipline – though it's accessible to anyone willing to put in the time and persistence to learn.

We've written this book for two reasons. First, we hope to provide someone new to a security architecture role a roadmap that they can follow to be successful in their jobs. To do that, we've tried to outline the methods and techniques that have worked for us and distill down guidance from successful architects in the field about what's worked for them. For someone completely new, this allows them to get started quickly and get a jump on the learning curve.

Second, for more experienced professionals, we've tried to provide insights and tips that will help them improve. There are as many ways to be a cybersecurity architect as there are architects themselves and there's no right or wrong way to do it (the right way is the way that works). By pulling together experiences from an array of practitioners, our hope is that some of their techniques can help spark creative new approaches in your own practice that lead you to a higher level of proficiency.

Understanding the need for cybersecurity is only the first step in this book. To develop the best, most robust cybersecurity, you need to plan the architecture of your systems. In the next section, we'll gain a fundamental understanding of cybersecurity architecture.