The Role Of Enterprise Architecture In Cyber Defence

We’ve probably heard the world ‘unprecedented’ more than any other in recent months, but it doesn’t even come close to describing the impact the past year has had on businesses around the world.

As if a global pandemic, a volatile US election and Britain’s inevitable uncoupling from the EU wasn’t enough to deal with, the year also saw one of the biggest cybersecurity breaches in a generation.

What impact did this breach have, and how can enterprise architecture help businesses defend against similar supply chain attacks?  

SolarWinds And The Increasing Risk Of Supply Chain Attacks

In December 2020, an APT (advanced persistent threat) group orchestrated a supply-chain attack on SolarWinds, a global IT management company. Using a backdoor program referred to as ‘Sunburst’, the group was able to gain access to sensitive information while remaining virtually undetected, infecting many of SolarWinds’ customers via a seemingly innocent update to its Orion software. Businesses as prominent as Cisco and Microsoft were exposed in the attack, referrerd to by Micorosft Chairman Brad Smith as “the largest and most sophisticated cyber-attack ever.”

In any other year, the SolarWinds breach would have been headline news for weeks. But while it didn’t get the mainstream media attention it deserved, it did underscore the need for businesses in all sectors to re-evaluate their own security posture. Organisations have of course developed and embraced new security tools to mitigate the risk of supply chain attacks.

From intelligent TPRM (third party risk management) platforms to performing regular vulnerability and penetration tests, businesses are doing all they can to protect their data. Or are they? 

Building A Security Culture

A company’s risk posture and security maturity must match today’s threats in terms of reach and sophistication. In order to defend against breaches like the SolarWinds attack, businesses need to stop treating their security as an individual, siloed department or a standalone business function. Instead, businesses need to embrace security as a culture that spans the entire organisation. Only then can a company achieve 360-degree visibility with the insight and controls required to defend against high-level breaches.  

This might sound like an insurmountable challenge on the surface. Once a security framework has been established, how can it be scaled with the business? How can a business be sure that its security objectives don’t stifle or limit the business in other ways? How can a company increase its reaction times and mobilise remedial action across teams, departments and even geographical regions? This is all perfectly achievable with enterprise architecture. 

The Role Of Enterprise Architecture

Now, more than ever, security is seen as a global standard. In order to defend themselves against sophisticated supply-chain hacks, businesses need to be able to orchestrate detailed risk management across the entire organisational infrastructure. There are existing frameworks that businesses can use as a foundation. Take the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), or the Sherwood Applied Business Security Architecture (SABSA), for instance. Both are open-standard, vendor-neutral frameworks that provide high-level taxonomy of cybersecurity outcomes, including the methodology to assess and manage them. The discipline behind applying and scaling these and other frameworks is security architecture, a sub-discipline of enterprise architecture. 

Security architecture isn’t necessarily about threat management or the direct implementation of security platforms. It operates several levels above this, offering complete oversight and control over cyber security operations business-wide. This allows organisations to make the most of frameworks like NIST CSF and SABSA, tailoring them to their individual needs and planning their expansion alongside the business.  

While enterprise architecture operates on this ‘top line’ level for the most part, there are enterprise architecture tools that give teams on the ground an enormous advantage when it comes to taking remedial action. For instance, being able to track every single instance of a breach or infiltration once it has been identified, across every single department and endpoint, rather than checking vulnerabilities one by one. 

Cyber attacks are growing in sophistication, and so must our defensive tactics. Enterprise architecture offers businesses a workable methodology and framework to not only defend themselves, but revolutionise how their organisation manages security from the inside out. 

About The Author: Rupert Colbourne is CTO at Orbus Software.

You Might Also Read:

Microsoft Releases Free Tool For Hunting SolarWinds Malware:

 

« Russian Spy Chief Says SolarWinds Was An Inside Job
Bitcoin Is Bad For The Environment »

Perimeter 81

Directory of Suppliers

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Data Security Solutions

Data Security Solutions

Data Security Solutions” is an experienced cyber-security systems integrator and full related IT services provider in the Baltic States.

S2T

S2T

S2T builds cyber intelligence solutions based on deep expertise in diverse domains such as intelligence, machine learning and AI, big data processing, statistics and linguistics.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Carve Systems

Carve Systems

Carve Systems was founded to bring enterprise level information security, training, and risk management services to organizations of any size and industry.

Kameleon Security

Kameleon Security

Kameleon is a semiconductor startup developing advanced hardware cybersecurity platforms for computing systems.

Kratos Defense & Security Solutions

Kratos Defense & Security Solutions

The Kratos Space, Training, and Cybersecurity division addresses key cybersecurity challenges, including cloud security, continuous monitoring, IT security, and risk management.

Cyber Ninjas

Cyber Ninjas

Cyber Ninjas specializes in all areas of application security ranging from your traditional web application to mobile or thick client applications.