The Role Of Enterprise Architecture In Cyber Defence

We’ve probably heard the world ‘unprecedented’ more than any other in recent months, but it doesn’t even come close to describing the impact the past year has had on businesses around the world.

As if a global pandemic, a volatile US election and Britain’s inevitable uncoupling from the EU wasn’t enough to deal with, the year also saw one of the biggest cybersecurity breaches in a generation.

What impact did this breach have, and how can enterprise architecture help businesses defend against similar supply chain attacks?  

SolarWinds And The Increasing Risk Of Supply Chain Attacks

In December 2020, an APT (advanced persistent threat) group orchestrated a supply-chain attack on SolarWinds, a global IT management company. Using a backdoor program referred to as ‘Sunburst’, the group was able to gain access to sensitive information while remaining virtually undetected, infecting many of SolarWinds’ customers via a seemingly innocent update to its Orion software. Businesses as prominent as Cisco and Microsoft were exposed in the attack, referrerd to by Micorosft Chairman Brad Smith as “the largest and most sophisticated cyber-attack ever.”

In any other year, the SolarWinds breach would have been headline news for weeks. But while it didn’t get the mainstream media attention it deserved, it did underscore the need for businesses in all sectors to re-evaluate their own security posture. Organisations have of course developed and embraced new security tools to mitigate the risk of supply chain attacks.

From intelligent TPRM (third party risk management) platforms to performing regular vulnerability and penetration tests, businesses are doing all they can to protect their data. Or are they? 

Building A Security Culture

A company’s risk posture and security maturity must match today’s threats in terms of reach and sophistication. In order to defend against breaches like the SolarWinds attack, businesses need to stop treating their security as an individual, siloed department or a standalone business function. Instead, businesses need to embrace security as a culture that spans the entire organisation. Only then can a company achieve 360-degree visibility with the insight and controls required to defend against high-level breaches.  

This might sound like an insurmountable challenge on the surface. Once a security framework has been established, how can it be scaled with the business? How can a business be sure that its security objectives don’t stifle or limit the business in other ways? How can a company increase its reaction times and mobilise remedial action across teams, departments and even geographical regions? This is all perfectly achievable with enterprise architecture. 

The Role Of Enterprise Architecture

Now, more than ever, security is seen as a global standard. In order to defend themselves against sophisticated supply-chain hacks, businesses need to be able to orchestrate detailed risk management across the entire organisational infrastructure. There are existing frameworks that businesses can use as a foundation. Take the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), or the Sherwood Applied Business Security Architecture (SABSA), for instance. Both are open-standard, vendor-neutral frameworks that provide high-level taxonomy of cybersecurity outcomes, including the methodology to assess and manage them. The discipline behind applying and scaling these and other frameworks is security architecture, a sub-discipline of enterprise architecture. 

Security architecture isn’t necessarily about threat management or the direct implementation of security platforms. It operates several levels above this, offering complete oversight and control over cyber security operations business-wide. This allows organisations to make the most of frameworks like NIST CSF and SABSA, tailoring them to their individual needs and planning their expansion alongside the business.  

While enterprise architecture operates on this ‘top line’ level for the most part, there are enterprise architecture tools that give teams on the ground an enormous advantage when it comes to taking remedial action. For instance, being able to track every single instance of a breach or infiltration once it has been identified, across every single department and endpoint, rather than checking vulnerabilities one by one. 

Cyber attacks are growing in sophistication, and so must our defensive tactics. Enterprise architecture offers businesses a workable methodology and framework to not only defend themselves, but revolutionise how their organisation manages security from the inside out. 

About The Author: Rupert Colbourne is CTO at Orbus Software.

You Might Also Read:

Microsoft Releases Free Tool For Hunting SolarWinds Malware:

 

« Russian Spy Chief Says SolarWinds Was An Inside Job
Bitcoin Is Bad For The Environment »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

Finjan Holdings

Finjan Holdings

Finjan solutions are aimed at keeping the web, networks, and endpoints safe from malicious code and security threats.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium was created to encourage use-inspired research, training and technology awareness in cybersecurity.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

Granite Partners

Granite Partners

Granite is a cloud service for the development of business risk management, cyber security and privacy and occupational safety and health.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

HelseCERT

HelseCERT

HelseCERT is the health and care sector's national information security center for Norway.

HumanFirewall

HumanFirewall

HumanFirewall makes it possible for every individual to take part in securing their organisation. With HumanFirewall, achieving security has never been easier.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

CV-Library

CV-Library

Start your job search with 216,931 live UK vacancies on award-winning CV-Library. Register your CV and find local jobs near you today!

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.

Darwinium

Darwinium

Darwinium is a Cyberfraud Prevention Platform that provides scalable customer journey protection without complexity.