In order to respond to this question, we need to introduce a typical company scenario that runs a business to understand what are the challenges and the solutions that are going to solve the problems.
In this age of digital transformation, being fully connected to the internet is fundamental for companies to receive orders, communicate with their customers and suppliers, promote their business, pay invoices, check their bank accounts, and so on… The larger the company, the more it depends on digital transformation, hence increasing its exposure to both external/internal threats.
In terms of cybersecurity, below are some official statistics that represent the threat scenarios companies face nowadays:
In this scenario, the organisations’ IT managers entrust the cybersecurity industry which offers solutions and products that are designed to mitigate specific risks. Selecting the right set of products and solutions to meet their requirements, often represents an additional challenge.
Many organisations rely on their Enterprise Architecture and Engineering departments, which are focused on aligning with the business’s vision, but frequently they consider security an element of complexity that limits the company’s functionalities and capabilities.
Wrongly, many times rather than embedding the security in the solution by Enterprise Architecture and Engineering departments using a holistic approach, they are an enforcement of rules and compliance that aim exclusively to satisfy a checkbox list requirement. To avoid the tick in the box effect, any mature organisation must approach the security problems leveraging the support from the Security Architecture and Engineering departments.
“Security architecture and engineering are disciplines that use a set of frameworks, standards and best practices used to assess, design, implement, integrate, monitor, and dispose of security infrastructures declined in terms of people, processes, and technologies in order to safeguard confidentiality, integrity, and availability of information”
To better understand why they matter, we are going to define their responsibilities.
Security Engineering
Security engineering is the process of identifying the tools and methods needed to implement and build systems to remain dependable in case of an attack or threat and to align with the architectural high-level design of a company’s security infrastructure.
One of the most important aspects of security engineering is communication with the stakeholders to define their protection needs and concerns in order to develop methods and processes capable of translating business objectives into technical requirements.
When it comes to implementation, many points are to be taken into consideration:
- Reviewing the security architecture plan.
- Defining the systems and technology to be deployed in accordance with the allocated budget.
- Planning the deployment and its effect on the production during and after completion.
- Applying security configurations and best practices.
- Demonstrating based on evidence reasoning, that the security needs for the systems have been met.
To a company, security engineering is essential and means ensuring the proper continuity of a business while having a solid structure and monitoring process ready to defend against both internal and external attacks.
Security Architecture
The business and their cybersecurity grow together. Companies typically create cybersecurity departments from a group of systems information that was good to implement but did not have a complete vision of cybersecurity and, as a result, cybersecurity systems were not complete or redundant and did not cover all security risks. A cybersecurity architect represents the link between business mission, risk, and engineering. They identify the gaps between the current cybersecurity posture and future state cybersecurity requirements for the business.
Who are the cybersecurity architects and what are they doing?
- Cybersecurity Architects are high-level leaders supervising security teams considering regulatory, law, and compliance requirements supporting the organisation for creating security-related policies and procedures.
- Cybersecurity architects are responsible for creating and maintaining corporate security infrastructure and ensuring that it functions as designed.
- Cybersecurity architects are corporate leaders that use the hacker mindset, predicting cybercriminals that are looking for vulnerabilities to exploit in order to design and/or implement controls that will eliminate or reduce that risk.
- They have strong experience in IT products, implementations, and operations.
Why do security engineering and architecture matter?
Cybersecurity global spending had the record year 2021, exceeding $262.4B, but this does not mean that businesses are optimally secured. Cybersecurity is not only about people and technologies, but it also includes processes.
Just a few years ago, security processes were built on top of industry solutions, which led to additional financial losses and spending, since processes were not initially built from a security perspective. Applying security controls to a running production might be time-consuming and costly since it causes multiple business interruptions. Nowadays, security is becoming fundamental to the business rather than complimentary and there’s a new term for this process: Security Architecture.
It is crucial for security architecture to strike the right balance between business and security. Architectural design should boast the security posture of an organisation while making sure the business processes also run smoothly.
Looking at the market offer, it’s easy to get lost between a myriad of products, the majority of them are expensive, and none of them covers the security of an enterprise end to end. Cybersecurity Architects and Engineers need to collaborate with the entire organisation in order to create a synergy between thousands of products, evaluating a large spectrum of features, costs, technical compatibility assuring that the security controls and safeguards have been implemented to reduce the risk to an acceptable level.
What will be next?
It is a fact that having a well-designed security architecture gives organisations a foundation on which to build their defenses to reduce security breaches. Security engineers will receive a core set of technologies that they are well versed in administering and maintaining. In parallel, time the organisation will have a working process that will give the confidence that the funds invested are not spent and are actually supporting improve and secure the business.
This will be a big undertaking to ensure the best results in terms of security and risk reduction. A specialist will be required to draw and walk organisations through the full process.
Discussion about this post