Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Practical Cybersecurity Architecture
Practical Cybersecurity Architecture

Practical Cybersecurity Architecture : A guide to creating and implementing robust designs for cybersecurity architects

Arrow left icon
Profile Icon Ed Moyle Profile Icon Diana Kelley
Arrow right icon
$12.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.2 (13 Ratings)
Paperback Nov 2020 418 pages 1st Edition
eBook
$47.99
Paperback
$59.99
Audiobook
$44.99
Subscription
Free Trial
Renews at $12.99p/m
Arrow left icon
Profile Icon Ed Moyle Profile Icon Diana Kelley
Arrow right icon
$12.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.2 (13 Ratings)
Paperback Nov 2020 418 pages 1st Edition
eBook
$47.99
Paperback
$59.99
Audiobook
$44.99
Subscription
Free Trial
Renews at $12.99p/m
eBook
$47.99
Paperback
$59.99
Audiobook
$44.99
Subscription
Free Trial
Renews at $12.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

Practical Cybersecurity Architecture

Chapter 1: What is Cybersecurity Architecture?

Let's face it, cybersecurity can be a scary, stress-inducing proposition. And it's no wonder. Cybersecurity in modern business is high stakes. We've all seen headlines about data breaches, attacks, even accidental exposures impacting some of the largest companies (not to mention governments) in the world. The truth is, if you do security wrong, you open yourself up to attack. In fact, even if you do everything perfectly, circumstances can still put you at risk anyway. It's a challenging field – and it can be difficult to get right.

We want to be clear right from the start that this book is not about a new security architecture framework, a new set of competing architectural methods to what already exists, and it's not a reference book. These all already exist and provide plenty of value to those actively using them. In fact, we might argue that the single biggest limiting factor to the discipline itself...

Understanding the need for cybersecurity

"I think it's useful to recognize that different stakeholders have different viewpoints. As an example, imagine you are standing on a hill: in front of you there is a valley and mountains to the east and west. Multiple people in that same setting will have a different viewpoint depending on where they are standing and the direction they look. This is similar to enterprise architecture: different disciplines, users, and stakeholders have a different view depending on their focus. The security architect needs to be able to see all these views at the same time. This is because security is a cross-cutting architectural concept that can't be singled out and put into its own, separate box. Instead, it needs to cut across the whole organization and take these different viewpoints into account."

– John Sherwood, Chief Architect, thought leader, and co-Founder of The SABSA Institute

There are numerous unknowns involved...

What is cybersecurity architecture?

"Cybersecurity architecture is a fusion of architecture and cybersecurity. "Cybersecurity" is a combination of "cyber" (from the Greek word κυβερνήτης meaning "helmsman") and security ("the freedom from risk or danger"). Putting these all together, it's a model to produce an intended outcome related to freedom from technology-related danger."

– Dan Blum, Cybersecurity Strategist, Security Architect, and author of the book Rational Cybersecurity for Business

The easiest way to understand cybersecurity architecture is through a comparison with the role of an architect in the physical world, such as one who is working on a large structure such as a bridge, tunnel, skyscraper, museum, or a new house.

In the physical world, it's easy to understand what an architect does. We all know that you can't just forego...

Architecture, security standards, and frameworks

Knowing then what the purpose of the architect is and where/how they might be involved, it's important to spend some time talking about the process that they employ to get there. In beginning this discussion, it's important to recognize that much of that process will be unique and adapted to the organization employing it. We've seen that the goals of the security architect, what they're responsible for, and the role that they play within a given organization can vary depending on a few different factors: the organization itself, the scope and focus of the architect's role, and so on. These same factors will play a role in the process that the architect will follow to realize the results the organization needs.

Secondly, we've purposefully refrained from discussing much about the mechanics of how the architect approaches these tasks. We'll get there – but for now, we want to make sure that...

Architecture roles and processes

"If your only tool is a hammer, every problem looks like a nail. Meaning, if you talk to a developer or someone who is a product security manager about security architecture, they are going to focus on the software life cycle or how to build controls at various application trust boundaries. If you talk to IT operations, they are going to tell you about segmenting the network and hardening the perimeter. To me, security architecture is more holistic: it's the overall set of processes, policy, people, technology, and controls that ensure security goals are aligned with business goals."

– Ted Ipsen, President and COO at Positroniq, LLC

In this chapter, we've discussed what security architecture is conceptually, describing and providing an introduction to some of the standards and frameworks that are involved in effecting it in an organization. The last topic that we will cover before we get into the "meat" of...

Summary

Throughout this chapter, we've attempted to provide you with information about why architecture exists, the value that it provides, and how it is (at a high level) normally practiced throughout enterprises. We've also tried to lay out some of the useful background information about what goes into being a cybersecurity architect.

Looking ahead, we will build on this to unpack the specific processes that architects use to actually do their work and walk through one approach and steps with you that you can use to do so yourself.

In the next chapter, we'll explore governance and why it matters to the security architect; governance structures and their purpose; and learn to cascade from enterprise/mission goals to technology and security goals.

Left arrow icon Right arrow icon

Key benefits

  • Leverage practical use cases to successfully architect complex security structures
  • Learn risk assessment methodologies for the cloud, networks, and connected devices
  • Understand cybersecurity architecture to implement effective solutions in medium-to-large enterprises

Description

Cybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization. With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs. By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.

Who is this book for?

If you are involved in the process of implementing, planning, operating, or maintaining cybersecurity in an organization, then this security book is for you. This includes security practitioners, technology governance practitioners, systems auditors, and software developers invested in keeping their organizations secure. If you’re new to cybersecurity architecture, the book takes you through the process step by step; for those who already work in the field and have some experience, the book presents strategies and techniques that will help them develop their skills further.

What you will learn

  • Explore ways to create your own architectures and analyze those from others
  • Understand strategies for creating architectures for environments and applications
  • Discover approaches to documentation using repeatable approaches and tools
  • Delve into communication techniques for designs, goals, and requirements
  • Focus on implementation strategies for designs that help reduce risk
  • Become well-versed with methods to apply architectural discipline to your organization

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 20, 2020
Length: 418 pages
Edition : 1st
Language : English
ISBN-13 : 9781838989927
Category :
Concepts :

What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 20, 2020
Length: 418 pages
Edition : 1st
Language : English
ISBN-13 : 9781838989927
Category :
Concepts :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$12.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$129.99 billed annually
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$179.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 198.97
Practical Cybersecurity Architecture
$59.99
Cybersecurity – Attack and Defense Strategies
$83.99
Mastering Windows Security and Hardening
$54.99
Total $ 198.97 Stars icon
Visually different images

Table of Contents

13 Chapters
Section 1:Security Architecture Chevron down icon Chevron up icon
Chapter 1: What is Cybersecurity Architecture? Chevron down icon Chevron up icon
Chapter 2: The Core of Solution Building Chevron down icon Chevron up icon
Section 2: Building an Architecture Chevron down icon Chevron up icon
Chapter 3: Building an Architecture – Scope and Requirements Chevron down icon Chevron up icon
Chapter 4: Building an Architecture – Your Toolbox Chevron down icon Chevron up icon
Chapter 5: Building an Architecture – Developing Enterprise Blueprints Chevron down icon Chevron up icon
Chapter 6: Building an Architecture – Application Blueprints Chevron down icon Chevron up icon
Section 3:Execution Chevron down icon Chevron up icon
Chapter 7: Execution – Applying Architecture Models Chevron down icon Chevron up icon
Chapter 8: Execution – Future-Proofing Chevron down icon Chevron up icon
Chapter 9: Putting It All Together Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.2
(13 Ratings)
5 star 69.2%
4 star 7.7%
3 star 7.7%
2 star 0%
1 star 15.4%
Filter icon Filter
Top Reviews

Filter reviews by




Marcos Colon Feb 11, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
As a professional in the cybersecurity industry, I have quite the assortment of books and reference material that I constantly turn to for knowledge. This quickly became a favorite in my collection. The methodologies outlined in the book are instructive, intriguing, and helpful in understanding the techniques that modern-day security professionals should keep top of mind. With so many dense and boring cybersecurity reads, the conversational tone of the book really helps in digesting the information provided. If you're in search of a book that covers the concepts, standards, and frameworks that you MUST know in cybersecurity, look no further than this book.
Amazon Verified review Amazon
Amazon Customer Feb 13, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
There are so many cybersecurity books and manuals (as alluded to in this book by Moyle and Kelley) that one can read to advance their knowledge. They are, however, often dry and written for someone with either no experience whatsoever, or the expert who doesn't need any background or basic information.This book accomplishes writing to both the novice and the expert, and does so in an interesting, engaging way. Further, it addresses a significant problem in the cybersecurity industry today, this is, the need for thoughtful, careful planning, Having worked in the field for 15+ years, I see enterprise practitioners rushing to implement tools and processes just to be able to check a box. But this is exactly what leads to vulnerabilities.The authors, as promised in the title, lay out a practical approach to architecture based on planning, assessment, and review, from initial stages through execution. Bravo.
Amazon Verified review Amazon
Deb Apr 21, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The way this book is laid out, it puts together all the components to scope and build a secure architecture. By engineering the network architecture to be reliable, robust and secure, you save money, time, and avoid the regulatory nightmares (when a breach inevitably happens). I love how the authors go beyond the basic building blocks to also discuss soft issues, like finding a champion in your organization to help support the security mission, and talking the talk of business NOT cyber so that the leaders can work with your objectives. So many more nuggets in here. It has all the elements needed for secure architecture in ONE read. Very USEFUL reference guide.
Amazon Verified review Amazon
Sinestro Feb 16, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
It's great to see a plain language cybersecurity architecture book that can be understood by most IT professionals. Cybersecurity is inherently a complex subject that is ever changing with adoption of new technologies like multi-cloud, Edge computing , AI, and even cryptocurrency. They all require security architecture and this book will give you the background to understand it.
Amazon Verified review Amazon
B. Helpful Feb 16, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I confess. I got this book as a referral from a friend and colleague – it was a dog-eared copy with quite a few underlined and highlights prior to my read. I always look for the highlights when I respect the colleague. I agree with @Marcos- “The methodologies outlined in the book are instructive, intriguing, and helpful in understanding the techniques that modern-day security professionals should keep top of mind.” This book did further my understanding of the standards in cybersecurity. NOT a long read at 400 pages, but the authors conversational tone allows for a good read. I did add a few highlights of my own to my colleague’s copy – but in a different color highlight. Good writing and great tone added to a quick read of 400 pages.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.