Focus on Integration: Measuring the Maturity of your Cybersecurity Architecture
One of the key focal points of your enterprise architecture efforts must be security. With all the flexibility and business enablement offered by cloud services and agile development activities, implementing and managing security concerns becomes more challenging every day. Building and enabling security management services that are consumed and integrated into your business flow as functional capabilities is now a foundational requirement.
Optimized security controls are transparent. When security controls stick out and get noticed, it usually means they are functioning as constraints and roadblocks. To move towards a more mature security architecture focused on business enablement, companies need to adopt a systems integration mindset. Integration across security controls and services brings enormous value to the business by enabling the connection between disparate sources of information. A platform of security intelligence can now provide new insights into the location, identity, job function, and behavior of both good and bad actors. Integration across security management functions can help you manage risks within the overall IT service management architecture transparently. Security management activities should be triggered by normal day-to-day IT service events, not by separate processes and request mechanisms.
To drive towards this integration and transparency, we recommend using a model for evaluating the maturity of an organization’s security architecture that focuses on these outcomes. The model looks at three aspects of security management, and the related outcomes in each area:
Technology – Many organizations focus on the latest security technologies and the controls they offer without considering the overall impact to the business flow. The key is to focus technology on automation. By ensuring new technology implementations are advancing your ability to automate your security management, you reduce the time it takes to discover, protect, and recover from threats to your IT infrastructure.
Process – Security operations management processes can easily become heavy and burdensome. Avoiding this trap requires careful attention to how the process supports the organization’s overall risk governance objectives. Establishing accountability and oversight that matches the flow of business processes helps to ensure the success of the security program and provides a true picture of your security posture. For example, establishing the accountability of the business application owner for the state of application security as a component of your vulnerability management system helps to ensure system availability for patch and remediation activities. This also requires that the business application owner be given insight into the criticality and impacts of discovered vulnerabilities.
Information – The amount of data available in today’s business environment can either be a daunting burden or an enlightening opportunity. A focus on the analytics derived from the analysis of well-integrated data streams, can help to optimize your data footprint and bring value to your security and business goals. As mentioned above, the same data that supports identification of unacceptable behavior also provides insights into the desired actions that can be leveraged into competitive advantage or used to streamline processes.
The chart below outlines the progression an organization may move through as it matures towards an architecture that delivers security services that support and enhance the business goals. Take a look, and let me know what you think!
Driving Integration and Transparency: A Security Architecture Maturity Model