Plan, design, and build resilient security architectures to secure your organization’s hybrid networks, cloud-based workflows, services, and applications
Key Features
Understand the role of the architect in successfully creating complex security structures
Learn methodologies for creating architecture documentation, engaging stakeholders, and implementing designs
Understand how to refine and improve architecture methodologies to meet business challenges
Purchase of the print or Kindle book includes a free PDF eBook
Book Description
Cybersecurity architecture is the discipline of systematically ensuring that an organization is resilient against cybersecurity threats. Cybersecurity architects work in tandem with stakeholders to create a vision for security in the organization and create designs that are implementable, goal-based, and aligned with the organization’s governance strategy.
Within this book, you'll learn the fundamentals of cybersecurity architecture as a practical discipline. These fundamentals are evergreen approaches that, once mastered, can be applied and adapted to new and emerging technologies like artificial intelligence and machine learning. You’ll learn how to address and mitigate risks, design secure solutions in a purposeful and repeatable way, communicate with others about security designs, and bring designs to fruition. This new edition outlines strategies to help you work with execution teams to make your vision a reality, along with ways of keeping designs relevant over time. As you progress, you'll also learn about well-known frameworks for building robust designs and strategies that you can adopt to create your own designs.
By the end of this book, you’ll have the foundational skills required to build infrastructure, cloud, AI, and application solutions for today and well into the future with robust security components for your organization.
What you will learn
Create your own architectures and analyze different models
Understand strategies for creating architectures for environments and applications
Discover approaches to documentation using repeatable approaches and tools
Discover different communication techniques for designs, goals, and requirements
Focus on implementation strategies for designs that help reduce risk
Apply architectural discipline to your organization using best practices
Who this book is for
This book is for new as well as seasoned cybersecurity architects looking to explore and polish their cybersecurity architecture skills. Additionally, anyone involved in the process of implementing, planning, operating, or maintaining cybersecurity in an organization can benefit from this book. If you are a security practitioner, systems auditor, and (to a lesser extent) software developer invested in keeping your organization secure, this book will act as a reference guide.
Author(s): Diana Kelley
, Ed Moyle
Edition: 2
Publisher: Packt Publishing Pvt Ltd
Year: 2023
Language: English
Pages: 388
Practical Cybersecurity Architecture
Contributors
About the authors
About the reviewer
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Part 1: Security Architecture
1
What Is Cybersecurity Architecture?
Understanding the need for cybersecurity
What is cybersecurity architecture?
Network versus application security architecture
The role of the architect
Secure network architectures
Secure application architectures
Case study – the value of architecture
Architecture, security standards, and frameworks
Architecture frameworks
Security guidance and standards
Security architecture frameworks
Architecture roles and processes
Roles
Process overview
Key tasks and milestones
Summary
2
Architecture – The Core of Solution Building
Terminology
Understanding solution building
Establishing the context for designs
Understanding goals
Identifying business goals
Dimensions of success
Structures and documents
Policies, procedures, and standards
Applying to architectural frameworks
Additional frameworks
Risk management and compliance
Risk management and appetite
Compliance
Establishing a guiding process
Understanding the business’ high-level goals
Understanding the technology goals
Drawing implied goals from existing documentation
Capturing (or defining) risk tolerances
Accounting for compliance requirements
Summary
Part 2: Building an Architecture
3
Building an Architecture – Scope and Requirements
Understanding scope
What’s in this chapter?
Setting architectural scope
Enterprise security architecture
Application security architecture
Defining scope boundaries
Scope – enterprise security
Existing capability
Risk management
Strategic planning
Case study – enterprise scoping
Scope – application security
The development and release process
Components, services, and design patterns
Team/organizational boundaries
Technology considerations
Case study – application scoping
The process for setting scope
Step 1 – consider high-level goals
Step 2 – review contextual or other constraints
Step 3 – set the initial scope
Step 4 – validate and refine initial scope
Summary
4
Building an Architecture – Your Toolbox
Introduction to the architect’s toolbox
Planning tools
Analytical tools
Informational tools
Modeling and design tools
Case study – data gathering
Building blocks of secure design
Information security policies
Organization of information security
Human resources security
Asset management
Access control
Cryptography
Physical and environmental security
Operations security
Communications security
System acquisition, development, and maintenance
Supplier relationships
Information security incident management
Information security aspects of business continuity management
Compliance
Summary
5
Building an Architecture – Developing Enterprise Blueprints
Requirements
Blueprints
Process
Why ADM?
The vision
Establishing architectural principles
Setting the scope
Getting the desired future (target) state
Case study – shared goals, vision, and engagement
Creating a program
Discovery, identification, and validation
Documenting your high-level approach
Creating the roadmap
Architecture definition
Accompanying documentation
Summary
6
Building an Architecture – Application Blueprints
Application design considerations
Life cycle models
Environment
Considerations for waterfall projects
Requirements phase
Design phase
Implementation phase
Verification phase
Maintenance phase
Case study – waterfall development
Considerations for Agile projects
Conception phase
Inception phase
Construction phase
Release phase
Production phase
Retirement phase
Case study – Agile development
Considerations for DevOps projects
Develop
Build
Unit test
Deploy (integrate)
Quality assurance
Production
Validate
Case study – DevOps/DevSecOps development
Process for application security design
Systems security engineering
Architecture definition process
Architecture definition
Documentation
Validation
Modifying the SDLC and development processes
Summary
Part 3: Execution
7
Execution –Applying Architecture Models
Process steps
Technical design
What specific provider do we use to do this?
Do we need additional infrastructure (VPN, access points, etc.)?
What client software do users require (if any)?
Creating technical implementation strategies
Assess constraints, synergies, and areas of opportunity
Validating against likely threat paths and creating a skeleton solution document
Validating implementation strategies
Finalizing the documentation
Operational integration
Changing context and evolution
Execution monitoring
Case study – Operational integration
Telemetry
Selecting strategic metrics
Selecting operational metrics
Summary
8
Execution – Future-Proofing
Overcoming obstacles in project execution
Scope and requirements
Support failure and organizational issues
Resource shortfalls
Communication failure
Technical and environmental issues
Future-proofing designs
Establishing a virtuous cycle
Monitoring our own environment for changes
Monitoring for external changes
Specifics for machine learning projects
Case study – future-proofing
Summary
9
Putting It All Together
Virtuous cycles
Adapting architectural processes
Tips and tricks
Hone your ability to listen
Cultivate empathy
Have just enough process
When in doubt, over-communicate
Be ready to walk away
Gotchas
Be aware of (but don’t play) politics
Don’t shirk the preparation
Stay engaged until the end
Leave ego at the door
Use a multi-disciplinary approach
Case study: gotchas
Summary
Index
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
