Get to Know Cybersecurity Architecture
After completing this unit, you’ll be able to:
- Describe the role of a cybersecurity architect.
- Describe the goals of cybersecurity architecture.
- Explain the importance of cybersecurity architecture.
What Is a Cybersecurity Architect?
Cybersecurity architects help organizations prioritize where controls are needed to protect critical information and help define what level of risk is acceptable. When your business has security questions, the cybersecurity architect has answers. When asked to build a cybersecurity architecture, the request typically comes in the form of a question. The question might be something like:
- What email technology is most secure?
- How can we protect our highest value assets?
- Which application development approach will result in the most secure software?
- Who is responsible for testing for vulnerabilities and assessing system security?
- How confident are we in our ability to quickly bounce back from a security breach?
Let’s look at the role of an architect who designs buildings. When an architect designs a skyscraper, they consider different aspects of form and control to build a secure structure that can withstand natural disasters, protect its occupants with a roof and thick walls, and include other security enhancements such as secure entrance gates and badge scanners. The architect gathers requirements from the building engineer, asks questions, documents the plan, and creates a blueprint for the building.
In the same way, before diving headlong into developing and deploying a new technology, cybersecurity architects consider business and technology questions about products, security features, and usability. They ask follow-up questions, document requirements, and map those requirements to security criteria. They use these elements to set security standards and policies for technology products. All these are crucial steps in designing security architectures.
What is a cybersecurity architect’s ultimate goal? Their goal is to protect the business by ensuring that products contain appropriate security controls to reduce the company’s risk. They do this by designing a security architecture that lays out the security controls that will be implemented to protect the confidentiality, integrity, and availability (CIA) of business systems. Let’s take a closer look at what that means.
- Confidentiality: Cybersecurity architects safeguard an organization's assets from unauthorized disclosure of valuable information, whether it be intellectual property, customer financial data, or employee passwords.
- Integrity: Cybersecurity architects implement integrity controls to prevent attackers, or mistakes by users, from unauthorized modification of data. Such controls ensure the reliability and accuracy of information stored in business systems.
- Availability: Cybersecurity architects work to prevent downtime, one of the biggest costs stemming from cyberattacks. They make sure systems are available to those that need them. They know that an attack that prevents employees from working or customers from buying can result in a large amount of lost revenue for companies.
Elements of a Security Architecture
The security architecture of an organization is the basis of its cybersecurity measures. It includes the tools, technologies, and processes to protect the business from internal and external threats. Cybersecurity architecture specifies the organizational structure, functional behavior, standards, and policies of a computing environment that includes network, applications, and security features, as well as how these elements interact with each other. Let’s take a closer look.
- Network elements: These include components like nodes, communication protocols, and topologies. Applications are programs designed for end users, such as word processing software or a mobile-banking interface.
- Security elements: These include components such as cybersecurity devices, software, and encryption techniques. Architects also design and enable the deployment of tools and services that are used throughout the organization that provide security benefits, such as identity and access management services.
- Frameworks and standards: Cybersecurity architects tie all these elements together using frameworks and standards, as well as security policies and procedures. Some common frameworks and standards include the Open Web Application Security Project (OWASP) Software Assurance Maturity Model (SAMM), National Institute of Standards and Technology (NIST) Cybersecurity Framework, and the ISO/IEC 27000 series of standards on Information Security Management. MITRE also maintains a list of common cybersecurity processes that can help organizations frame their cybersecurity programs.
Cybersecurity architects design and deploy security architecture frameworks to help define security measures, and when, where, and why they should be used. They monitor the results of detective security controls, such as intrusion detection and prevention systems (IDPS), to help inform the design of new products and specify additional detective controls that are needed. They also consider how to integrate future changes so their organization has a consistent security architecture design that can adapt to changes in the technology and threat environment. They may design security architectures for on-premise or cloud environments, or for an organization that has a hybrid of the two. They may work for consulting firms, government, a start-up, a research company, or any variety of industries.
The Importance of Cybersecurity Architecture
Why is cybersecurity architecture important? Organizations are under attack, and the frequency and severity of the resulting breaches continues to escalate. The increasing digitalization of data, products, and processes also creates cybersecurity challenges and vulnerabilities. Additionally, the increasing complexity of IT environments introduces more interfaces that intruders can exploit (that is, the attack surface). Today’s organization usually has resources both on premise and in the cloud, multiple connections to third parties, a mobile workforce that works remotely, and can even have Internet of Things (IoT) devices in its environment. All this requires a carefully designed approach to securing business systems while also enabling technology innovation and growth.
Cybersecurity architects have significant organizational impact. They design and deploy security solutions to solve business and cybersecurity challenges. They touch every aspect of a company’s digital footprint, and as such have a crucial role to play in enabling the business to succeed. Cybersecurity architects help organizations prioritize where controls are needed to protect critical information and help define what level of risk is acceptable, while aligning IT security with the business strategy and defending against current threats.
Cybersecurity architects bring the organization’s security policies, processes, and procedures to life by designing and deploying architectures to apply consistent security principles across their organizations based on industry standards. They have a crucial role to play in restricting access to sensitive information and systems, and layering security to improve defenses and contain breaches.
And cybersecurity architects have a direct impact on the organization’s bottom line. Having a strong security architecture helps earn the trust of your stakeholders, customers, and potential business partners. Having a strong security architecture also helps your organization adapt to future changes in the technology and threat landscape. A strong security architecture serves as a framework to classify potential and existing security investments to determine where you’re deficient and make sure there’s a balanced approach to security.
Ready to review what you’ve learned? The knowledge check below isn’t scored—it’s just an easy way to quiz yourself. To get started, drag the description in the left column next to the matching category on the right. When you finish matching all the items, click Submit to check your work. To start over, click Restart.
Great work! Now you understand a bit more about what cybersecurity architecture is and why it’s important. In the next unit, you learn more about the responsibilities of a cybersecurity architect in enabling organizations to create security roadmaps for the business and discover the skills that help cybersecurity architects succeed.