Aspirenet Limited
Aspirenet Limited
  • Home
  • Portfolio
    • vCISO
    • Security Architecture
    • Cyber Risk Management
    • Cyber Security Assessment
    • Cloud Security
    • Consultancy Services
    • Cyber Resilience
    • Incident Management
  • Contact Us
  • About
    • Who We Are
    • Our Approach
  • Resources
    • News
    • Blog
    • Resource Documents
  • More
    • Home
    • Portfolio
      • vCISO
      • Security Architecture
      • Cyber Risk Management
      • Cyber Security Assessment
      • Cloud Security
      • Consultancy Services
      • Cyber Resilience
      • Incident Management
    • Contact Us
    • About
      • Who We Are
      • Our Approach
    • Resources
      • News
      • Blog
      • Resource Documents
  • Home
  • Portfolio
    • vCISO
    • Security Architecture
    • Cyber Risk Management
    • Cyber Security Assessment
    • Cloud Security
    • Consultancy Services
    • Cyber Resilience
    • Incident Management
  • Contact Us
  • About
    • Who We Are
    • Our Approach
  • Resources
    • News
    • Blog
    • Resource Documents

Security Architecture Framework

What is Security Architecture?

Unfortunately, there is no single answer to this question. there are many interpretations and definitions on the internet which cover security architecture. Whether it be applied to software, computers, enterprises, networks etc. they all differ slightly. However, at Aspirenet Ltd. we follow the UK’s National Cyber Security Centre’s (NCSC’s) definition of Security Architecture [1] in that we believe Security Architecture is;


The practice of designing systems to achieve security goals.


We believe that those security goals are to IDENTIFY your business assets and the risks to them, PROTECT those assets and your business from attack, DETECT attacks to those assets, RESPOND to attacks & RECOVER your assets and ultimately reduce your business losses. 

These security goals are achieved through the use of TECHNOLOGY, PEOPLE, and PROCESSES.

Security Architecture, Security Modelling, security framework,network security, IT security
Digital gears all intertwined with a mans finger touching one of them.

What are the elements of Security Architecture?

There are several elements which make up a good cyber security architecture framework. The underlying elements are those of assured and proven modular patterns which can be re-used and are scalable. These patterns save the business time and money when applying a security architecture which meets those security goals, to another area of the business or another project.


These patterns can contain multiple components cutting across different areas of the business, for example;


User training & awareness

Policies & Procedures

Baseline configurations for devices

Access controls

Testing

Incident response play books

Identification of roles & responsibilities


These are just a few examples of components which may be included in a pattern. Our blog discussing defence in depth (https://aspirenet.ltd/blog/f/defence-in-depth) gives more detail on those components which would make up a good pattern.


Another element is that of defined security principles which are derived from the business requirements. by aligning these security principles with your business requirements, you ensure that your cyber security architecture framework not only supports your business but also delivers benefits to your organisation.


No matter how small or large your business is, it will benefit from implementing security architecture through one of the security architecture frameworks.

What is a Security Architecture framework?

A security architecture framework defines those elements listed above, guidelines on how best to implement them & what level of the business should be engaged and when. Frameworks offer a modular approach to implementation, breaking down the areas required to meet the requirements which will meet compliance with the framework.


There are several security architecture frameworks available. Some are designed for large enterprises, some are designed for small to medium sized business, a few can be applied to both and then there are those which must be applied to specific industries.

Some examples of available security frameworks are;


ISO27001

Cyber Essentials & IASME Governance 

NIST Cyber security Framework

SABSA

OSA

PCI-DSS

SOC

Multiple picture frames of different sizes and colours.
Digital image of Earth from space showing a digital protective shield all around it.

Aspirenet Security Architecture Services

With the ever changing and new technologies that become part and parcel of business life, and the integration of those technologies into the business, it becomes more difficult to visualise where the boundaries lie regarding what is being secured and how is it secured.


Bring security in line with your business strategy and goals and allow you and your business to confidently grow with the knowledge that your information which is processed, stored, and transmitted on those critical computer systems will remain confidential, available and maintain its integrity through its lifecycle.


By implementing and operating a Security Architecture Framework, you can give yourself the confidence that your business will not only identify & protect your information and computer systems, but also detect an attack when it occurs and recover from it quickly, minimising your business downtime and of course, your financial losses.


Contact us today to Assess, Advise, Apply and Achieve continual improvement in your business by successfully implementing a Security Architectural Framework.


[1] - https://www.ncsc.gov.uk/blog-post/how-ncsc-thinks-about-security-architecture

Get in Touch

Get in touch with us today to find out how we can help you secure your business.


Direct: 01495 443 121

Contact Us

Copyright © 2021 Aspirenet Limited - All Rights Reserved.

  • Privacy Policy

We are always keen to learn what our clients need or want

Please email support@aspirenet.ltd and let us know what you'd like to see, or contact us via our contact us page

Contact Us

Cookie Policy

This website uses cookies. By continuing to use this site, you accept our use of cookies. Privacy Policy

DeclineAccept & Close