Cargando…

Security Architecture - How and Why

Security Architecture, or Enterprise Information security architecture, as it was originally coined by Gartner back in 2006, has been applied to many things and different areas, making a concrete definition of Security architecture a difficult proposition. But having an architecture for the cyber se...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Madsen, Tom
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Aalborg : River Publishers, 1900.
Colección:River Publishers Series in Digital Security and Forensics Ser.
Temas:
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Intro
  • Halftitle
  • Security Architecture
  • How & Why
  • Title Page
  • Security Architecture
  • How & Why
  • Contents
  • Preface
  • List of Figures
  • List of Tables
  • 1 Why Security?
  • 1.1 Business Prevention
  • 1.2 Measuring and Prioritizing Business Risk
  • 1.3 Security as a Business Enabler
  • 1.4 Empowering the Customers
  • 1.5 Protecting Relationships
  • 1.6 To Summarize
  • 2 Why Architecture
  • 2.1 Origins of Architecture
  • 2.2 Managing Complexity
  • 2.3 Information Systems Architecture
  • 2.4 Architectures
  • 2.4.1 Business Architecture
  • 2.4.2 Information Architecture
  • 2.4.3 Applications Architecture
  • 2.4.4 Infrastructure Architecture
  • 2.4.5 Risk Management Architecture
  • 2.4.6 Governance Architecture
  • 2.5 Enterprise Security Architecture
  • 2.6 Being a Successful Security Architect
  • 2.7 Security Architecture Needs a Holistic Approach
  • 2.8 What Does Architecture Mean?
  • 3 Security Architecture Model
  • 3.1 The SABSA Model
  • 3.2 The Business View
  • 3.3 The Architect's View
  • 3.4 The Designer's View
  • 3.5 The Builder's View
  • 3.6 The Tradesman's View
  • 3.7 The Facilities Manager's View
  • 3.8 The Inspector's View
  • 3.9 The Security Architecture Model
  • 4 Contextual Security Architecture
  • 4.1 Business Needs for Information Security
  • 4.2 Security as a Business Enabler
  • 4.2.1 On-Demand Entertainment
  • 4.2.2 Value-Added Information Services
  • 4.2.3 Remote Process Control
  • 4.2.4 Supply Chain Management
  • 4.2.5 Research and Information Gathering
  • 4.3 Digital Business
  • 4.3.1 Online Banking
  • 4.3.2 B2B
  • 4.3.3 Online Government
  • 4.4 Continuity and Stability
  • 4.4.1 Revenue Generation
  • 4.4.2 Customer Service
  • 4.4.3 Reputation
  • 4.4.4 Management Control
  • 4.4.5 Operating Licenses
  • 4.4.6 Employee Confidence
  • 4.4.7 Shareholder Confidence
  • 4.4.8 Other Stakeholders
  • 4.5 Safety-Critical Dependencies
  • 4.5.1 Remote Communications to Safety-Critical Systems
  • 4.5.2 Systems Assurance
  • 4.6 Business Goals, Success Factors and Operational Risks
  • 4.6.1 Brand Protection
  • 4.6.2 Fraud Prevention
  • 4.6.3 Loss Prevention
  • 4.6.4 Business Continuity
  • 4.6.5 Legal Obligations
  • 4.7 Operational Risk Assessment
  • 4.7.1 Risk/Threat Assessment
  • 4.7.2 Threat Domains
  • 4.7.3 Threat Categories
  • 4.7.4 Risk Prioritization
  • 4.8 SABSA Risk Assessment Method
  • 4.8.1 SABSA Risk Assessment Method: Step 1
  • 4.8.2 SABSA Risk Assessment Method: Step 2
  • 4.8.3 SABSA Risk Assessment Method: Step 3
  • 4.8.4 SABSA Risk Assessment Method: Step 4
  • 4.8.5 SABSA Risk Assessment Method: Step 5
  • 4.9 Business Processes and their Security
  • 4.9.1 Business Interactions
  • 4.9.2 Business Communications
  • 4.9.3 Business Transactions
  • 4.10 Organization and Relationships Impacting Security Needs
  • 4.11 Location Dependence
  • 4.11.1 The Global Village Marketplace
  • 4.11.2 Remote Working
  • 4.12 Time Dependency
  • 4.12.1 Time-Related Business Drivers