Details
Title | Practical Cybersecurity Architecture: A Guide to Creating and Implementing Robust Designs for Cybersecurity Architects. |
---|---|
Creators | Moyle Ed. ; Kelley Diana. |
Imprint | Birmingham: Packt Publishing, Limited, 2020 |
Collection | E-books from foreign publishers ; General collection |
Subjects | Computer security. ; EBSCO eBooks |
Document type | Other |
File type | |
Language | English |
Rights | Password-protected access from the Internet (reading, printing, copying) |
Record key | on1202452703 |
Record create date | 10/31/2020 |
- Cover
- Title page
- Copyright and Credits
- About Packt
- Contributors
- Table of Contents
- Preface
- Section 1: Security Architecture
- Chapter 1: What is Cybersecurity Architecture?
- Understanding the need for cybersecurity
- What is cybersecurity architecture?
- Network versus application security architecture
- The role of the architect
- Secure network architectures
- Secure application architectures
- Architecture, security standards, and frameworks
- Architecture frameworks
- Security guidance and standards
- Security architecture frameworks
- Architecture roles and processes
- Roles
- Process overview
- Key tasks and milestones
- Summary
- Chapter 2: The Core of Solution Building
- Terminology
- Understanding solution building
- Establishing the context for designs
- Understanding goals
- Identifying business goals
- Dimensions of success
- Structures and documents
- Policies, procedures, and standards
- Applying to architectural frameworks
- Risk management and compliance
- Risk management and appetite
- Compliance
- Establishing a guiding process
- Understanding the business high-level goals
- Understanding the technology goals
- Drawing implied goals from existing documentation
- Capturing (or defining) risk tolerances
- Accounting for compliance requirements
- Summary
- Section 2: Building an Architecture
- Chapter 3: Building an Architecture – Scope and Requirements
- Understanding scope
- What's in this chapter?
- Setting architectural scope
- Enterprise security architecture
- Application security architecture
- Defining scope boundaries
- Scope – enterprise security
- Existing capability
- Risk management
- Strategic planning
- Scope – application security
- The development and release process
- Components, services, and design patterns
- Team/organizational boundaries
- Technology considerations
- The process for setting scope
- Consider high-level goals
- Review contextual or other constraints
- Set the initial scope
- Validate and refine the initial scope
- Summary
- Chapter 4: Building an Architecture – Your Toolbox
- Introduction to the architect's toolbox
- Planning tools
- Analytical tools
- Informational tools
- Modeling and design tools
- Building blocks of secure design
- Information security policies
- Organization of information security
- Human resources security
- Asset management
- Access control
- Cryptography
- Physical and environmental security
- Operations security
- Communications security
- System acquisition, development, and maintenance
- Supplier relationships
- Information security incident management
- Information security aspects of business continuity management
- Compliance
- Summary
- Chapter 5: Building an Architecture – Developing Enterprise Blueprints
- Requirements
- Blueprints
- Process
- Why ADM?
- The vision
- Establishing architectural principles
- Set Scope
- Desired future (target) state
- Creating a program
- Discovery, identification, and validation
- Documenting your high-level approach
- Creating the roadmap
- Architecture definition
- Accompanying documentation
- Summary
- Chapter 6: Building an Architecture – Application Blueprints
- Application design considerations
- Life cycle models
- Environment
- Considerations for Waterfall projects
- Requirements phase
- Design phase
- Implementation phase
- Verification phase
- Maintenance phase
- Considerations for Agile projects
- Conception phase
- Inception phase
- Construction phase
- Release phase
- Production phase
- Retirement phase
- Considerations for DevOps projects
- Develop
- Build
- Unit test
- Deploy (integrate)
- Quality assurance
- Production
- Validate
- Process for application security design
- Systems security engineering
- Architecture definition process
- Architecture definition
- Documentation
- Validation
- Modifying the SDLC and development processes
- Summary
- Section 3: Execution
- Chapter 7: Execution – Applying Architecture Models
- Process steps
- Technical design
- What specific product do we buy to do this?
- Where do we place VPN concentrators or access points?
- What client software do users require?
- Creating technical implementation strategies
- Assess constraints, synergies, and areas of opportunity
- Validating against likely threat paths and creating a skeleton solution document
- Validating implementation strategies
- Finalizing the documentation
- Operational integration
- Changing context and evolution
- Execution monitoring
- Telemetry
- Selecting strategic metrics
- Selecting operational metrics
- Summary
- Chapter 8: Execution – Future-Proofing
- Overcoming obstacles in project execution
- Scope and requirements
- Support failure and organizational issues
- Resource shortfalls
- Communication failure
- Technical and environmental issues
- Future-proofing designs
- Establishing a 'virtuous cycle'
- Monitoring our own environment for changes
- Monitoring for external changes
- Summary
- Chapter 9: Putting It All Together
- Virtuous cycles
- Adapting architectural processes
- Tips and tricks
- Hone your ability to listen
- Cultivate empathy
- Have just enough process
- When in doubt, over-communicate
- Be ready to walk away
- Gotchas
- Be aware of (but don't play) politics
- Don't shirk the preparation
- Stay engaged until the end
- Use a multi-disciplinary approach
- Summary
- Other Books You May Enjoy
- Index