The Role Of Enterprise Architecture In Cyber Defence

We’ve probably heard the world ‘unprecedented’ more than any other in recent months, but it doesn’t even come close to describing the impact the past year has had on businesses around the world.

As if a global pandemic, a volatile US election and Britain’s inevitable uncoupling from the EU wasn’t enough to deal with, the year also saw one of the biggest cybersecurity breaches in a generation.

What impact did this breach have, and how can enterprise architecture help businesses defend against similar supply chain attacks?  

SolarWinds And The Increasing Risk Of Supply Chain Attacks

In December 2020, an APT (advanced persistent threat) group orchestrated a supply-chain attack on SolarWinds, a global IT management company. Using a backdoor program referred to as ‘Sunburst’, the group was able to gain access to sensitive information while remaining virtually undetected, infecting many of SolarWinds’ customers via a seemingly innocent update to its Orion software. Businesses as prominent as Cisco and Microsoft were exposed in the attack, referrerd to by Micorosft Chairman Brad Smith as “the largest and most sophisticated cyber-attack ever.”

In any other year, the SolarWinds breach would have been headline news for weeks. But while it didn’t get the mainstream media attention it deserved, it did underscore the need for businesses in all sectors to re-evaluate their own security posture. Organisations have of course developed and embraced new security tools to mitigate the risk of supply chain attacks.

From intelligent TPRM (third party risk management) platforms to performing regular vulnerability and penetration tests, businesses are doing all they can to protect their data. Or are they? 

Building A Security Culture

A company’s risk posture and security maturity must match today’s threats in terms of reach and sophistication. In order to defend against breaches like the SolarWinds attack, businesses need to stop treating their security as an individual, siloed department or a standalone business function. Instead, businesses need to embrace security as a culture that spans the entire organisation. Only then can a company achieve 360-degree visibility with the insight and controls required to defend against high-level breaches.  

This might sound like an insurmountable challenge on the surface. Once a security framework has been established, how can it be scaled with the business? How can a business be sure that its security objectives don’t stifle or limit the business in other ways? How can a company increase its reaction times and mobilise remedial action across teams, departments and even geographical regions? This is all perfectly achievable with enterprise architecture. 

The Role Of Enterprise Architecture

Now, more than ever, security is seen as a global standard. In order to defend themselves against sophisticated supply-chain hacks, businesses need to be able to orchestrate detailed risk management across the entire organisational infrastructure. There are existing frameworks that businesses can use as a foundation. Take the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), or the Sherwood Applied Business Security Architecture (SABSA), for instance. Both are open-standard, vendor-neutral frameworks that provide high-level taxonomy of cybersecurity outcomes, including the methodology to assess and manage them. The discipline behind applying and scaling these and other frameworks is security architecture, a sub-discipline of enterprise architecture. 

Security architecture isn’t necessarily about threat management or the direct implementation of security platforms. It operates several levels above this, offering complete oversight and control over cyber security operations business-wide. This allows organisations to make the most of frameworks like NIST CSF and SABSA, tailoring them to their individual needs and planning their expansion alongside the business.  

While enterprise architecture operates on this ‘top line’ level for the most part, there are enterprise architecture tools that give teams on the ground an enormous advantage when it comes to taking remedial action. For instance, being able to track every single instance of a breach or infiltration once it has been identified, across every single department and endpoint, rather than checking vulnerabilities one by one. 

Cyber attacks are growing in sophistication, and so must our defensive tactics. Enterprise architecture offers businesses a workable methodology and framework to not only defend themselves, but revolutionise how their organisation manages security from the inside out. 

About The Author: Rupert Colbourne is CTO at Orbus Software.

You Might Also Read:

Microsoft Releases Free Tool For Hunting SolarWinds Malware:

 

« Russian Spy Chief Says SolarWinds Was An Inside Job
Bitcoin Is Bad For The Environment »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

D-RisQ

D-RisQ

D-RisQ is focussed on delivering techniques to reduce the development costs of complex systems and software whilst maximising compliance

Nixon Peabody LLP

Nixon Peabody LLP

Nixon Peabody LLP is an international law firm with offices across the USA, Europe and Asia. Practice areas include Data Privacy and Cyber Security.

Inspired eLearning

Inspired eLearning

Inspired eLearning deliver solutions that help clients nurture and enhance workforce skills, protect themselves against cyberattacks and regulatory violations.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

CTR Secure Services

CTR Secure Services

CTR Secure Services provides a broad range of security consulting services from asset protection to cyber security.

Acutec

Acutec

Acutec is an award winning IT support, services and solutions provider including managed IT Security and backup/disaster recovery.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

National Authority for Electronic Certification and Cyber Security (AKCESK)

National Authority for Electronic Certification and Cyber Security (AKCESK)

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

Cancom

Cancom

CANCOM group is one of the leading providers of IT infrastructure and IT services in Germany and Austria. Solution areas include network security.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Europol - European Cybercrime Centre (EC3)

Europol - European Cybercrime Centre (EC3)

The European Cybercrime Centre (EC3) was set up by Europol to strengthen the law enforcement response to cybercrime in the EU.

Onwardly

Onwardly

For everyday folks tasked with implementing security and privacy. Do it faster with Onwardly - build, launch and scale your cyber resilience program in 30 minutes per week.

Lansafe

Lansafe

Lansafe stands as a leading managed service provider in the UK, seamlessly integrating IT, Telecoms, Security, Electrical and Cyber Security solutions.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.