Speakers
Synopsis
The digital footprints of businesses are increasingly spread across a wide technology landscape, including cloud services, on-premises systems, multiple devices, SaaS applications, and third-party vendors.
This diversification presents a constant challenge for businesses to maintain security against a rising tide of cyber-attacks and increasing government and industry regulations. As a result, business executives are taking a keen interest in the security of their digital operations. Therefore, it is imperative for organizations to build a security architecture that is secure by design, addressing both current and future needs. It must also consider the wider enterprise architecture to ensure digital business always operates smoothly.
Key considerations:
- What are you securing? Understanding what needs to be secured is the starting point of your security architecture. Typically, this includes the data and the infrastructure that stores and processes it. Data security relies on three pillars: confidentiality, integrity, and availability.
- Who are you securing for? Identifying the key entities affected by your security architecture and design is crucial. These typically include business customers, business stakeholders, and government or industry authorities.
- Why and when are you securing? Knowing what your architecture is protecting against is essential for creating a future-ready design. This usually involves safeguarding against emerging cyber threats, complying with government and industry regulations, and meeting legal obligations.
- How & where do you secure? Your security architecture should be built on three pillars: people, processes, and technology.
Every person working in or for an organization has a responsibility to help keep the business secure. The security architecture model must have executive sponsorship and support. It should also identify the key skills and training required across the workforce to effectively implement and maintain the security architecture.
Processes are essential for bringing predictability and assigning ownership and accountability to the outcomes of the security architecture and design. These processes include establishing threat modelling structures, access review mechanisms, security incident and change management procedures, and how-to manuals to ensure tasks are always performed securely.
The technology paradigm of security architecture can be broadly divided into 2 parts:
- Understanding the digital environment: This includes data classification, hosting and processing geolocations, and attack surface analysis.
- Understanding the key security architectural elements: These should be designed to provide a defense-in-depth approach with a zero trust model. Key elements include identity and access management, network security, cryptography, supply chain security, security threat lifecycle management, security testing, DevOps and vulnerability management, device security, data flows, security baseline configuration, and business continuity and disaster recovery.
Common pitfalls to avoid:
These include designing in response to an incident, stakeholder omissions, missing links from whiteboard to operations, inadequate capacity planning, inadequate measurement metrics, inadequate documentation and socialization, reliance on too many tools, and overly complex solutions.
Measures for success:
Measuring the success of your security architecture can involve tracking several key metrics. These may include controls automation, the number of exploitable vulnerabilities, coverage of security controls, the number of security incidents, and the number of supply chain compromises.
