Book Image

Practical Cybersecurity Architecture

By : Ed Moyle, Diana Kelley
Book Image

Practical Cybersecurity Architecture

By: Ed Moyle, Diana Kelley

Overview of this book

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.
Table of Contents (14 chapters)
Section 1:Security Architecture
Section 2: Building an Architecture
Section 3:Execution


Throughout this chapter, we've built on the techniques that we've teed up in prior chapters and extended them to the application space. We positioned the key tasks through the lens of a process-based systems security engineering methodology (or at least the architectural elements of that discipline), rather than a purely enterprise architectural one. This lets us work within the constraints of the software development life cycle that our organization uses.

From here, we will start executing our architecture vision. Whether you created a vision at the enterprise scope in the previous chapter or created one at the application scope in this chapter, the next step is to lay the groundwork to put it into practice. This includes engaging subject matter specialists and engineers in key supporting areas and mapping out a technical architecture to support the higher-level, business-focused ones. We will do this in the next chapter.