Practical cybersecurity architecture a guide to creating and implementing robust designs for cybersecurity architects
Cybersecurity architecture is the discipline of systematically ensuring that an organization is resilient against cybersecurity threats. Cybersecurity architects work in tandem with stakeholders to create a vision for security in the organization and create designs that are implementable, goal-based...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt Publishing Ltd
2023.
|
| Edición: | Second edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009784622106719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright & Credits
- Contributors
- Table of Contents
- Preface
- Part 1: Security Architecture
- What Is Cybersecurity Architecture?
- Understanding the need for cybersecurity
- What is cybersecurity architecture?
- Network versus application security architecture
- The role of the architect
- Secure network architectures
- Secure application architectures
- Case study
- the value of architecture
- Architecture, security standards, and frameworks
- Architecture frameworks
- Security guidance and standards
- Security architecture frameworks
- Architecture roles and processes
- Roles
- Process overview
- Key tasks and milestones
- Summary
- Architecture
- The Core of Solution Building
- Terminology
- Understanding solution building
- Establishing the context for designs
- Understanding goals
- Identifying business goals
- Dimensions of success
- Structures and documents
- Policies, procedures, and standards
- Applying to architectural frameworks
- Additional frameworks
- Risk management and compliance
- Risk management and appetite
- Compliance
- Establishing a guiding process
- Understanding the business' high-level goals
- Understanding the technology goals
- Drawing implied goals from existing documentation
- Capturing (or defining) risk tolerances
- Accounting for compliance requirements
- Summary
- Part 2: Building an Architecture
- Building an Architecture
- Scope and Requirements
- Understanding scope
- What's in this chapter?
- Setting architectural scope
- Enterprise security architecture
- Application security architecture
- Defining scope boundaries
- Scope
- enterprise security
- Existing capability
- Risk management
- Strategic planning
- Case study
- enterprise scoping
- Scope
- application security
- The development and release process
- Components, services, and design patterns
- Team/organizational boundaries
- Technology considerations
- Case study
- application scoping
- The process for setting scope
- Step 1
- consider high-level goals
- Step 2
- review contextual or other constraints
- Step 3
- set the initial scope
- Step 4
- validate and refine initial scope
- Summary
- Building an Architecture
- Your Toolbox
- Introduction to the architect's toolbox
- Planning tools
- Analytical tools
- Informational tools
- Modeling and design tools
- Case study
- data gathering
- Building blocks of secure design
- Information security policies
- Organization of information security
- Human resources security
- Asset management
- Access control
- Cryptography
- Physical and environmental security
- Operations security
- Communications security
- System acquisition, development, and maintenance
- Supplier relationships
- Information security incident management
- Information security aspects of business continuity management
- Compliance
- Summary
- Building an Architecture
- Developing Enterprise Blueprints
