Cybersecurity Business Architecture

A Bit of Security, by William J. Malik
Cybersecurity Business Architecture E047 2024 12 06
A Bit of Security for December 6, 2024
Cytactic hosted a great event in New York this week. Tim Brown, CISO of SolarWinds, spoke about how he experienced and managed the SVR’s SunBurst supply chain attack in December 2020. He discussed the information he received, when and how it got to him, what steps he took to fill out the picture, and how he organized the company to respond to the circumstances as they became known.
Tim did an outstanding job preserving the integrity of the organization against prudent and well-meaning individuals who wanted to reduce the company’s legal exposure but would have left customers and suppliers with greater uncertainty. Instead, he modeled a comprehensive business architecture for cybersecurity. Here’s what I mean by that.
A business architecture describes the inputs, processes, and outputs of a business function, and also includes measures to verify and audit its correct functioning. I’m using the COBIT/ITIL process model. Along with making the steps of the process clear and well-documented, Tim explains which inputs he needs, how to verify their quality in near-real time, how to cope with uncertainty in that quality dimension, how the process should work and what to do if it’s going off the rails, what assumptions the process makes about the capabilities of the people running it, who the affected users downstream are, and what the nature of their concerns might be.
This is a lot to take in all at once. The model allows the business to avoid having to make critical decisions with poor or missing steps. It allows the business to consider who the constituencies are and who will be impacted by whatever measures you have to take during the crisis and in its aftermath. By planning these ahead of time, you avoid having to ask people amid a serious problem to do something unfamiliar. People are flexible, but when things go bad, we all tend to stick with what we know best. We aren’t in “learning new things” mode. Prior planning prevents poor performance.
It’s much better when you are learning judo to practice falling, so you know what it feels like, than to try to figure it all out the first time you’re on the way down. That’s our Bit of Security for Friday, December 6, 2024. I’m William Malik. Be safe!
Tim Brown of SolarWinds described the response to the SunBurst attack. He shows us how to build a high-performance cybersecurity business architecture. Listen to this.
Let me know what you think in the comments below or at wjmalik@noc.social