The Role Of Enterprise Architecture In Cyber Defence

We’ve probably heard the world ‘unprecedented’ more than any other in recent months, but it doesn’t even come close to describing the impact the past year has had on businesses around the world.

As if a global pandemic, a volatile US election and Britain’s inevitable uncoupling from the EU wasn’t enough to deal with, the year also saw one of the biggest cybersecurity breaches in a generation.

What impact did this breach have, and how can enterprise architecture help businesses defend against similar supply chain attacks?  

SolarWinds And The Increasing Risk Of Supply Chain Attacks

In December 2020, an APT (advanced persistent threat) group orchestrated a supply-chain attack on SolarWinds, a global IT management company. Using a backdoor program referred to as ‘Sunburst’, the group was able to gain access to sensitive information while remaining virtually undetected, infecting many of SolarWinds’ customers via a seemingly innocent update to its Orion software. Businesses as prominent as Cisco and Microsoft were exposed in the attack, referrerd to by Micorosft Chairman Brad Smith as “the largest and most sophisticated cyber-attack ever.”

In any other year, the SolarWinds breach would have been headline news for weeks. But while it didn’t get the mainstream media attention it deserved, it did underscore the need for businesses in all sectors to re-evaluate their own security posture. Organisations have of course developed and embraced new security tools to mitigate the risk of supply chain attacks.

From intelligent TPRM (third party risk management) platforms to performing regular vulnerability and penetration tests, businesses are doing all they can to protect their data. Or are they? 

Building A Security Culture

A company’s risk posture and security maturity must match today’s threats in terms of reach and sophistication. In order to defend against breaches like the SolarWinds attack, businesses need to stop treating their security as an individual, siloed department or a standalone business function. Instead, businesses need to embrace security as a culture that spans the entire organisation. Only then can a company achieve 360-degree visibility with the insight and controls required to defend against high-level breaches.  

This might sound like an insurmountable challenge on the surface. Once a security framework has been established, how can it be scaled with the business? How can a business be sure that its security objectives don’t stifle or limit the business in other ways? How can a company increase its reaction times and mobilise remedial action across teams, departments and even geographical regions? This is all perfectly achievable with enterprise architecture. 

The Role Of Enterprise Architecture

Now, more than ever, security is seen as a global standard. In order to defend themselves against sophisticated supply-chain hacks, businesses need to be able to orchestrate detailed risk management across the entire organisational infrastructure. There are existing frameworks that businesses can use as a foundation. Take the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), or the Sherwood Applied Business Security Architecture (SABSA), for instance. Both are open-standard, vendor-neutral frameworks that provide high-level taxonomy of cybersecurity outcomes, including the methodology to assess and manage them. The discipline behind applying and scaling these and other frameworks is security architecture, a sub-discipline of enterprise architecture. 

Security architecture isn’t necessarily about threat management or the direct implementation of security platforms. It operates several levels above this, offering complete oversight and control over cyber security operations business-wide. This allows organisations to make the most of frameworks like NIST CSF and SABSA, tailoring them to their individual needs and planning their expansion alongside the business.  

While enterprise architecture operates on this ‘top line’ level for the most part, there are enterprise architecture tools that give teams on the ground an enormous advantage when it comes to taking remedial action. For instance, being able to track every single instance of a breach or infiltration once it has been identified, across every single department and endpoint, rather than checking vulnerabilities one by one. 

Cyber attacks are growing in sophistication, and so must our defensive tactics. Enterprise architecture offers businesses a workable methodology and framework to not only defend themselves, but revolutionise how their organisation manages security from the inside out. 

About The Author: Rupert Colbourne is CTO at Orbus Software.

You Might Also Read:

Microsoft Releases Free Tool For Hunting SolarWinds Malware:

 

« Russian Spy Chief Says SolarWinds Was An Inside Job
Bitcoin Is Bad For The Environment »

Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SS8 Networks

SS8 Networks

SS8 provide an analytics platform for monitoring high speed communication flows to identify 'suspects-of-interest' for law enforcement and intel agencies.

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Spanish Network of Excellence on Cybersecurity Research (RENIC)

Spanish Network of Excellence on Cybersecurity Research (RENIC)

RENIC is a membership based sectoral association that includes research centers and other agents of the research cybersecurity ecosystem in Spain.

SQN Banking Systems

SQN Banking Systems

SQN Banking Systems fraud detection software products are a critical step towards overcoming the growing problem of fraud across the various payment channels.

Cyber Struggle

Cyber Struggle

At Cyber Struggle, our aim is training and certifying the special forces of the cyber world.

Digital Magics

Digital Magics

Digital Magics is an incubator for innovative startups which offer content and services with high technological value. Areas of focus include IoT, Enterprise Software, AI, Industry 4.0 and Blockchain.

FiberWolf

FiberWolf

FiberWolf is a Managed Security Service Provider (MSSP) serving customers from diverse industries including Government, Education, Banking and Technology.