Holistic
Enterprise cybersecurity architecture requires a holistic approach when dealing with complex systems across an organization. This means having a proper understanding of requirements, design philosophy, interoperability, component integration, and how the system will operate. Likewise, holistic is not a checklist-based approach, or other necessary components, either technical or process-oriented, may get missed.
Business-Driven
Enterprise cybersecurity architecture must be business-driven, focusing on securely enabling the business’ strategic directions in current and new markets, channels, and products. Therefore, a firm understanding of where the company is today and where the business wants to be in the future is necessary.
Risk-Driven
An enterprise cybersecurity architecture focuses on a realistic perspective of an organization's risks and the remedies for cybersecurity mechanisms to reduce those risks. It is neither cost nor operationally efficient to put security mechanisms in that are not relevant or required based on the risks present or support a risk the organization does not inherently have.
When developing enterprise cybersecurity architectures for an organization, the key is to remember it is like building a house. Houses are designed first before someone starts constructing them, where building architects defer on specifics to engineers and specialized resources (HVAC, Plumbing, Electrical) when needed. They also include building codes and zoning laws in addition to client requirements. Likewise, enterprise cybersecurity architectures answer the design's what, why, who, where, when, and how. In addition, Enterprise Cybersecurity Architects defer to specializations (SOC, Threat Intelligence, Incident Response, Forensics, Internal Audit) and Cybersecurity Engineering. They also include regulatory compliance, contractual compliance, industry standards, and stakeholder requirements in designs. Otherwise, an untenable, unsustainable, and unmaintainable system is built that is costly, inefficient, ineffective that is inherently full of risks, and potentially exploitable.
Architecture Framework
This Cybersecurity Architecture section focuses on an integrated architecture framework that leverages TOGAF and SABSA. A formalized architecture framework defines the framework, methodology, and practice for designing and delivering architectures. It is also necessary to define the integration between business, enterprise, and cybersecurity architecture.
Architecture Templates
This Cybersecurity Architecture section focuses on architecture templates, which contain artifacts (used to gather information) and deliverables. TOGAF is very heavy with documentation within its core metamodel, and in contrast, SABSA doesn’t necessarily define or provide artifact and deliverable templates. Templates here are more TOGAF-light with SABSA content. Additionally, Archi-based ArchiMate templates for initial diagrams are available.
Reference Architectures
This Cybersecurity Architecture section focuses on reference architectures. Reference architectures are necessary for developing architectures that align with the related business, technology, and cybersecurity strategies defined by the board of directors and executive leadership. They also help organize domains of knowledge across architecture practice and architects. No one person can keep all of this in their head, and having starting points makes design and delivery more productive, efficient, and effective.
Defeating Chaos
Change is like death and taxes, inevitable. Change is a constant regardless of who you are, where you work, and what you do. Change, either positive or negative, shapes direction and can bring chaos to otherwise orderly systems, plans, and directives. Through disciplined, organized, and thorough planning and design, enterprise cybersecurity architecture attempts to bring order to chaos.
Enterprise cybersecurity architecture is not a silver bullet, or one size fits all. Instead, it recognizes a particular fact that standardization, organization, structure, ordering, planning, and many other aspects of enterprise cybersecurity architecture are about controlling the things you can and minimizing the impact of the things you cannot. In addition, the enterprise cybersecurity architecture practice is concerned with continuous improvement while growing overall maturity which also helps reduce chaos.
No environment or business is chaos-free. No environment or business will remain the same forever. However, change can be managed, accounted for, and integrated into daily tasks and efforts.
The Cyber Scape from Momentum Cyber
As a working cybersecurity professional, every attempt is made to separate professional and personal endeavors in a manner consistent with reducing conflicts of interest and maintaining ethics. Statements contained within this site are the explicit and implicit goals, objectives, endorsements, and educated opinion of the author of this site and not those of current or former employers.
