Book Image

Practical Cybersecurity Architecture

By : Ed Moyle, Diana Kelley
Book Image

Practical Cybersecurity Architecture

By: Ed Moyle, Diana Kelley

Overview of this book

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.
Table of Contents (14 chapters)
Section 1:Security Architecture
Section 2: Building an Architecture
Section 3:Execution

Setting architectural scope

"Be careful with setting scope. If you iterate too much on the scope of what you're trying to secure early on, you may never achieve the first milestone. However, the process and the model by which you create your architecture should absolutely be iterative and the scope will absolutely change. The architectural approaches and models we use need to be able to support these iterative approaches, but very few of the large, monolithic standards will do this "out of the box." This is where there is room for the individual architect to exercise their creativity and innovate, adapting their processes to fit their needs best."

– Steve Orrin, Federal CTO at Intel Corporation

Note right from the get-go that the outcome of this chapter is not about creating documentation. We will eventually document our design scope. This is an important part of the process and, eventually, we will fully document it – ideally, both...