Book Image

Practical Cybersecurity Architecture

By : Ed Moyle, Diana Kelley
Book Image

Practical Cybersecurity Architecture

By: Ed Moyle, Diana Kelley

Overview of this book

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.

Related Content you might be interested in

Current Title:

Small book image
Practical Cybersecurity Architecture
Ed Moyle | Diana Kelley
Nov, 2020 | 418 pages
Small book image
Hands-On Cybersecurity for Architects
Milad Aslaner | Neil Rerup
Jul, 2018 | 346 pages
Small book image
Cybersecurity and Privacy Law Handbook
Walter Rocchi
Dec, 2022 | 230 pages
Small book image
Mastering Information Security Compliance Management
Adarsh Nair | Greeshma M R
Aug, 2023 | 236 pages
Table of Contents (14 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1:Security Architecture
Section 1:Security Architecture
Free Chapter
2
Chapter 1: What is Cybersecurity Architecture?
Chapter 1: What is Cybersecurity Architecture?
Understanding the need for cybersecurity
What is cybersecurity architecture?
Architecture, security standards, and frameworks
Architecture roles and processes
Summary
3
Chapter 2: The Core of Solution Building
Chapter 2: The Core of Solution Building
Terminology
Understanding solution building
Establishing the context for designs
Understanding goals
Structures and documents
Risk management and compliance
Establishing a guiding process
Summary
4
Section 2: Building an Architecture
Section 2: Building an Architecture
5
Chapter 3: Building an Architecture – Scope and Requirements
Chapter 3: Building an Architecture – Scope and Requirements
Understanding scope
Setting architectural scope
Scope – enterprise security
Scope – application security
The process for setting scope
Summary
6
Chapter 4: Building an Architecture – Your Toolbox
Chapter 4: Building an Architecture – Your Toolbox
Introduction to the architect's toolbox
Planning tools
Building blocks of secure design
Summary
7
Chapter 5: Building an Architecture – Developing Enterprise Blueprints
Chapter 5: Building an Architecture – Developing Enterprise Blueprints
Requirements
Blueprints
Process
The vision
Creating a program
Documenting your high-level approach
Summary
8
Chapter 6: Building an Architecture – Application Blueprints
Chapter 6: Building an Architecture – Application Blueprints
Application design considerations
Life cycle models
Considerations for Waterfall projects
Considerations for Agile projects
Considerations for DevOps projects
Process for application security design
Summary
9
Section 3:Execution
Section 3:Execution
10
Chapter 7: Execution – Applying Architecture Models
Chapter 7: Execution – Applying Architecture Models
Process steps
Technical design
Operational integration
Telemetry
Summary
11
Chapter 8: Execution – Future-Proofing
Chapter 8: Execution – Future-Proofing
Overcoming obstacles in project execution
Future-proofing designs
Summary
12
Chapter 9: Putting It All Together
Chapter 9: Putting It All Together
Virtuous cycles
Tips and tricks
Gotchas
Summary
13
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

To get the most out of this book

To be as practical in our approach as possible, we've made a few assumptions about the reader, their skill level, and their needs. First, we assume that the reader will know the basics of cybersecurity (information security), such as having a working knowledge of common security controls. Second, we assume a baseline of enterprise technology knowledge.

We've also assumed that the organization in which the reader will be applying the techniques we discuss is like most: one that could benefit from increased architectural rigor but where rigor itself is not an end goal. Larger organizations that systematically follow a highly rigorous process – or service providers with contractual requirements to do so – will find that we have scaled back or streamlined some elements of processes to make them accessible and achievable for smaller teams. In general, we have stated explicitly where, how, and why we have made these changes in the sections where we do so.

Lastly, we suggest (but it is not required) that readers have one or more active "problems" that they can apply the techniques in this book to, meaning that they can apply the process sequentially as they learn it to the real-world challenges in their job. Being able to apply the concepts directly helps ensure that the principles are retained.

Previous Section
Next Section