The Role Of Enterprise Architecture In Cyber Defence

Uploaded on 2021-05-18 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

We’ve probably heard the world ‘unprecedented’ more than any other in recent months, but it doesn’t even come close to describing the impact the past year has had on businesses around the world.

As if a global pandemic, a volatile US election and Britain’s inevitable uncoupling from the EU wasn’t enough to deal with, the year also saw one of the biggest cybersecurity breaches in a generation.

What impact did this breach have, and how can enterprise architecture help businesses defend against similar supply chain attacks?  

SolarWinds And The Increasing Risk Of Supply Chain Attacks

In December 2020, an APT (advanced persistent threat) group orchestrated a supply-chain attack on SolarWinds, a global IT management company. Using a backdoor program referred to as ‘Sunburst’, the group was able to gain access to sensitive information while remaining virtually undetected, infecting many of SolarWinds’ customers via a seemingly innocent update to its Orion software. Businesses as prominent as Cisco and Microsoft were exposed in the attack, referrerd to by Micorosft Chairman Brad Smith as “the largest and most sophisticated cyber-attack ever.”

In any other year, the SolarWinds breach would have been headline news for weeks. But while it didn’t get the mainstream media attention it deserved, it did underscore the need for businesses in all sectors to re-evaluate their own security posture. Organisations have of course developed and embraced new security tools to mitigate the risk of supply chain attacks.

From intelligent TPRM (third party risk management) platforms to performing regular vulnerability and penetration tests, businesses are doing all they can to protect their data. Or are they? 

Building A Security Culture

A company’s risk posture and security maturity must match today’s threats in terms of reach and sophistication. In order to defend against breaches like the SolarWinds attack, businesses need to stop treating their security as an individual, siloed department or a standalone business function. Instead, businesses need to embrace security as a culture that spans the entire organisation. Only then can a company achieve 360-degree visibility with the insight and controls required to defend against high-level breaches.  

This might sound like an insurmountable challenge on the surface. Once a security framework has been established, how can it be scaled with the business? How can a business be sure that its security objectives don’t stifle or limit the business in other ways? How can a company increase its reaction times and mobilise remedial action across teams, departments and even geographical regions? This is all perfectly achievable with enterprise architecture. 

The Role Of Enterprise Architecture

Now, more than ever, security is seen as a global standard. In order to defend themselves against sophisticated supply-chain hacks, businesses need to be able to orchestrate detailed risk management across the entire organisational infrastructure. There are existing frameworks that businesses can use as a foundation. Take the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), or the Sherwood Applied Business Security Architecture (SABSA), for instance. Both are open-standard, vendor-neutral frameworks that provide high-level taxonomy of cybersecurity outcomes, including the methodology to assess and manage them. The discipline behind applying and scaling these and other frameworks is security architecture, a sub-discipline of enterprise architecture. 

Security architecture isn’t necessarily about threat management or the direct implementation of security platforms. It operates several levels above this, offering complete oversight and control over cyber security operations business-wide. This allows organisations to make the most of frameworks like NIST CSF and SABSA, tailoring them to their individual needs and planning their expansion alongside the business.  

While enterprise architecture operates on this ‘top line’ level for the most part, there are enterprise architecture tools that give teams on the ground an enormous advantage when it comes to taking remedial action. For instance, being able to track every single instance of a breach or infiltration once it has been identified, across every single department and endpoint, rather than checking vulnerabilities one by one. 

Cyber attacks are growing in sophistication, and so must our defensive tactics. Enterprise architecture offers businesses a workable methodology and framework to not only defend themselves, but revolutionise how their organisation manages security from the inside out. 

About The Author: Rupert Colbourne is CTO at Orbus Software.

You Might Also Read:

Microsoft Releases Free Tool For Hunting SolarWinds Malware:

 

« Russian Spy Chief Says SolarWinds Was An Inside Job
Bitcoin Is Bad For The Environment »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Venafi

Venafi

Venafi is a world-class cyber-security company dedicated to protecting machine identities for our hyper-connected digital economy.

IoTium

IoTium

Secure Cloud Managed Software Defined IoT Networks. IoTium simplifies establishing and managing secure network infrastructure for Industrial IoT.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Office of the National Security Council (UVNS) - Croatia

Office of the National Security Council (UVNS) - Croatia

UVNS coordinates, harmonizes the adoption and controls the implementation of information security measures and standards in the Republic of Croatia.

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

Zeusmark

Zeusmark

Zeusmark are a digital brand security company. We enable companies to successfully defend their brands, revenue and consumers online.

AUREA Technology

AUREA Technology

The photon counter SPD_OEM_NIR from AUREA Technology is designed for quantum key distribution at telecom wavelengths.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

Polaris Infosec

Polaris Infosec

Polaris Web Presence Protection (WPP) is powered by our proprietary artificial intelligence and machine learning engine to ensure that attacks are stopped before they affect your business.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

ATHENE National Research Center For Applied Cybersecurity

ATHENE National Research Center For Applied Cybersecurity

ATHENE is the largest research center for cybersecurity and privacy in Europe, conducting application-oriented top-level research for the benefit of the economy, society and the state.

iNovex

iNovex

iNovex is a community of innovators that work together to solve hard problems. We partner with you to meet problems head-on and push boundaries with technology solutions.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.