Rational Cybersecurity New Year Update
Updating the public on cybersecurity trends is not a trivial matter. At least to me, it is a vast potential topic space. Let’s outline it here and communicate further in the New Year.
My World and Rational Cybersecurity
After a… Continue reading
Updating the Multi-Cloud Cybersecurity Reference Architecture
It is time to update the Multi-cloud Cybersecurity Reference Architecture I wrote for Techvision Research in 2020. If you’re a security architect, I’d welcome your feedback. Please download a detailed, complimentary excerpt and summary here and provide feedback via… Continue reading
Rational Cybersecurity Webcast: Applying the 80-20 Rule
As I worked on Rational Cybersecurity for Business, I became fascinated with this question: How can we find a way to gain 80% of the benefits for 20% of the work? Considering that cybersecurity has so many moving parts… Continue reading
The Cybersecurity Business Alignment Framework for Architecture
To ensure security architectures are relevant, you can define them using the Cybersecurity Business Alignment Framework provided in the Multi-Cloud Security Reference Architecture (“refarch”), Rational Cybersecurity for Business (“the book”), and a few other tools.
How can Cybersecurity Architecture Align Modern Business and Technology Concerns?
Cybersecurity architecture can show help us align business and technology concerns by providing modernized views of core processes and technologies. Today, that means focusing on a hybrid, multi-cloud IT environment. To really deep dive on this, please sign up for… Continue reading
How to Protect Privileged Access: Back to the Basics
Privileged access management (PAM) is a cornerstone of zero architectures and other efforts to shore up defenses against an increasingly insecure network edge and elevated danger from threat actors. Please register here to join our webcast Thursday June 17 at… Continue reading
Digital Enterprises Need a Multi-Cloud Security Reference Architecture
A Security Reference Architecture model should enable businesses to create a business-centric, product-neutral, security process, and security technology savvy architecture of their own, to suit their circumstances. At a minimum, such models should provide diagrams you can modify to fit… Continue reading
Which is Easier: Aligning Business to Security, or Security to Business?
Which is Easier: Getting Businesspeople to think in terms of Security, getting Security Teams to think in terms of Business? While security leaders should work both angles, I say the correct answer to Alyssa Miller’s original question (below) is “B”.… Continue reading
What we Can Learn from the SolarWinds Supply Chain Breach
How could elite security vendor and incident responder FireEye so easily succumb to Solorigate, a state-sponsored supply chain breach of unparalleled magnitude? You should be asking yourselves this question as well as: Is your organization also vulnerable to the SolarWinds… Continue reading
Working Together to Create the Future of Security Architecture
The world really needs to take security architecture more seriously! If physical buildings were anything like security systems (experiencing a major breach practically every month), the news would be full of collapsing buildings and crumbling bridges. That’s why I’m pleased… Continue reading