Practical Cybersecurity Architecture - Second Edition

Book description

Plan, design, and build resilient security architectures to secure your organization's hybrid networks, cloud-based workflows, services, and applications

Key Features

  • Understand the role of the architect in successfully creating complex security structures
  • Learn methodologies for creating architecture documentation, engaging stakeholders, and implementing designs
  • Understand how to refine and improve architecture methodologies to meet business challenges
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description

Cybersecurity architecture is the discipline of systematically ensuring that an organization is resilient against cybersecurity threats. Cybersecurity architects work in tandem with stakeholders to create a vision for security in the organization and create designs that are implementable, goal-based, and aligned with the organization’s governance strategy.

Within this book, you'll learn the fundamentals of cybersecurity architecture as a practical discipline. These fundamentals are evergreen approaches that, once mastered, can be applied and adapted to new and emerging technologies like artificial intelligence and machine learning. You’ll learn how to address and mitigate risks, design secure solutions in a purposeful and repeatable way, communicate with others about security designs, and bring designs to fruition. This new edition outlines strategies to help you work with execution teams to make your vision a reality, along with ways of keeping designs relevant over time. As you progress, you'll also learn about well-known frameworks for building robust designs and strategies that you can adopt to create your own designs.

By the end of this book, you’ll have the foundational skills required to build infrastructure, cloud, AI, and application solutions for today and well into the future with robust security components for your organization.

What you will learn

  • Create your own architectures and analyze different models
  • Understand strategies for creating architectures for environments and applications
  • Discover approaches to documentation using repeatable approaches and tools
  • Discover different communication techniques for designs, goals, and requirements
  • Focus on implementation strategies for designs that help reduce risk
  • Apply architectural discipline to your organization using best practices

Who this book is for

This book is for new as well as seasoned cybersecurity architects looking to explore and polish their cybersecurity architecture skills. Additionally, anyone involved in the process of implementing, planning, operating, or maintaining cybersecurity in an organization can benefit from this book. If you are a security practitioner, systems auditor, or (to a lesser extent) software developer invested in keeping your organization secure, this book will act as a reference guide.

Table of contents

  1. Practical Cybersecurity Architecture
  2. Contributors
  3. About the authors
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Conventions used
    5. Get in touch
    6. Share Your Thoughts
    7. Download a free PDF copy of this book
  6. Part 1: Security Architecture
  7. Chapter 1: What Is Cybersecurity Architecture?
    1. Understanding the need for cybersecurity
    2. What is cybersecurity architecture?
      1. Network versus application security architecture
      2. The role of the architect
      3. Secure network architectures
      4. Secure application architectures
      5. Case study – the value of architecture
      6. Architecture, security standards, and frameworks
      7. Architecture frameworks
      8. Security guidance and standards
      9. Security architecture frameworks
    3. Architecture roles and processes
      1. Roles
      2. Process overview
      3. Key tasks and milestones
    4. Summary
  8. Chapter 2: Architecture – The Core of Solution Building
    1. Terminology
    2. Understanding solution building
    3. Establishing the context for designs
    4. Understanding goals
      1. Identifying business goals
      2. Dimensions of success
    5. Structures and documents
      1. Policies, procedures, and standards
      2. Applying to architectural frameworks
      3. Additional frameworks
    6. Risk management and compliance
      1. Risk management and appetite
      2. Compliance
    7. Establishing a guiding process
      1. Understanding the business’ high-level goals
      2. Understanding the technology goals
      3. Drawing implied goals from existing documentation
      4. Capturing (or defining) risk tolerances
      5. Accounting for compliance requirements
    8. Summary
  9. Part 2: Building an Architecture
  10. Chapter 3: Building an Architecture – Scope and Requirements
    1. Understanding scope
      1. What’s in this chapter?
    2. Setting architectural scope
      1. Enterprise security architecture
      2. Application security architecture
      3. Defining scope boundaries
    3. Scope – enterprise security
      1. Existing capability
      2. Risk management
      3. Strategic planning
      4. Case study – enterprise scoping
    4. Scope – application security
      1. The development and release process
      2. Components, services, and design patterns
      3. Team/organizational boundaries
      4. Technology considerations
      5. Case study – application scoping
    5. The process for setting scope
      1. Step 1 – consider high-level goals
      2. Step 2 – review contextual or other constraints
      3. Step 3 – set the initial scope
      4. Step 4 – validate and refine initial scope
    6. Summary
  11. Chapter 4: Building an Architecture – Your Toolbox
    1. Introduction to the architect’s toolbox
    2. Planning tools
      1. Analytical tools
      2. Informational tools
      3. Modeling and design tools
    3. Case study – data gathering
    4. Building blocks of secure design
      1. Information security policies
      2. Organization of information security
      3. Human resources security
      4. Asset management
      5. Access control
      6. Cryptography
      7. Physical and environmental security
      8. Operations security
      9. Communications security
      10. System acquisition, development, and maintenance
      11. Supplier relationships
      12. Information security incident management
      13. Information security aspects of business continuity management
      14. Compliance
    5. Summary
  12. Chapter 5: Building an Architecture – Developing Enterprise Blueprints
    1. Requirements
    2. Blueprints
    3. Process
      1. Why ADM?
    4. The vision
      1. Establishing architectural principles
      2. Setting the scope
      3. Getting the desired future (target) state
    5. Case study – shared goals, vision, and engagement
    6. Creating a program
      1. Discovery, identification, and validation
    7. Documenting your high-level approach
      1. Creating the roadmap
      2. Architecture definition
      3. Accompanying documentation
    8. Summary
  13. Chapter 6: Building an Architecture – Application Blueprints
    1. Application design considerations
    2. Life cycle models
      1. Environment
    3. Considerations for waterfall projects
      1. Requirements phase
      2. Design phase
      3. Implementation phase
      4. Verification phase
      5. Maintenance phase
      6. Case study – waterfall development
    4. Considerations for Agile projects
      1. Conception phase
      2. Inception phase
      3. Construction phase
      4. Release phase
      5. Production phase
      6. Retirement phase
      7. Case study – Agile development
    5. Considerations for DevOps projects
      1. Develop
      2. Build
      3. Unit test
      4. Deploy (integrate)
      5. Quality assurance
      6. Production
      7. Validate
      8. Case study – DevOps/DevSecOps development
    6. Process for application security design
      1. Systems security engineering
      2. Architecture definition process
      3. Architecture definition
      4. Documentation
      5. Validation
      6. Modifying the SDLC and development processes
    7. Summary
  14. Part 3: Execution
  15. Chapter 7: Execution – Applying Architecture Models
    1. Process steps
    2. Technical design
      1. What specific provider do we use to do this?
      2. Do we need additional infrastructure (VPN, access points, etc.)?
      3. What client software do users require (if any)?
      4. Creating technical implementation strategies
      5. Assess constraints, synergies, and areas of opportunity
      6. Validating against likely threat paths and creating a skeleton solution document
      7. Validating implementation strategies
      8. Finalizing the documentation
    3. Operational integration
      1. Changing context and evolution
      2. Execution monitoring
      3. Case study – Operational integration
    4. Telemetry
      1. Selecting strategic metrics
      2. Selecting operational metrics
    5. Summary
  16. Chapter 8: Execution – Future-Proofing
    1. Overcoming obstacles in project execution
      1. Scope and requirements
      2. Support failure and organizational issues
      3. Resource shortfalls
      4. Communication failure
      5. Technical and environmental issues
    2. Future-proofing designs
      1. Establishing a virtuous cycle
      2. Monitoring our own environment for changes
      3. Monitoring for external changes
      4. Specifics for machine learning projects
      5. Case study – future-proofing
    3. Summary
  17. Chapter 9: Putting It All Together
    1. Virtuous cycles
      1. Adapting architectural processes
    2. Tips and tricks
      1. Hone your ability to listen
      2. Cultivate empathy
      3. Have just enough process
      4. When in doubt, over-communicate
      5. Be ready to walk away
    3. Gotchas
      1. Be aware of (but don’t play) politics
      2. Don’t shirk the preparation
      3. Stay engaged until the end
      4. Leave ego at the door
      5. Use a multi-disciplinary approach
      6. Case study: gotchas
    4. Summary
  18. Index
    1. Why subscribe?
  19. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts
    3. Download a free PDF copy of this book

Product information

  • Title: Practical Cybersecurity Architecture - Second Edition
  • Author(s): Diana Kelley, Ed Moyle
  • Release date: November 2023
  • Publisher(s): Packt Publishing
  • ISBN: 9781837637164