
Practical Cybersecurity Architecture

By: Ed Moyle, Diana Kelley

Overview of this book

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.
Table of Contents (14 chapters)
Section 1: Security Architecture
Section 2: Building an Architecture
Section 3: Execution

Establishing a guiding process

"There are "top down" and "bottom up" approaches to architecture. Many people start with the highest level of the organization and try to work down; this seems logical at first, but what can happen is you lose sight of context as you move down the chain toward more specific usage. What I think is a better approach is to start bottom up: understand the threats, understand the context, understand the risks, and build architectures for the different environments piecemeal while keeping an awareness of the "macro" – the high-level view. This lets you reduce redundancy and normalize, but also create lightweight, modular frameworks that can be reused where needed or improved upon and reworked when needed. Anyone can build an architecture that looks great on paper; but an overly structured approach can be so rigid that it fails when it gets to implementation. You need concert between top down and bottom up; the best...