CyberSecurity FAQ - What is the purpose of cybersecurity architecture?

The purpose of precisely and comprehensively specifying a cybersecurity architecture is to ensure that the underlying network architecture, including its crown jewel sensitive data and critical applications, are fully protected against current and future cyber adversaries. Just as a competent military commander needs to fully understand different kinds of terrain (Sun Tzu, Art of War, Chapter 10: Terrain) and the weakpoints of his forces (Sun Tzu, Art of War, Chapter 6: Weak Points and Strong) to effectively defend her troops and territory, a savvy cybersecurity architect needs to thoroughly understand different network topologies and cyber attack surface vulnerabilities to effectively defend her crown jewel sensitive data and critical applications.

The primary goals of a bona fide cybersecurity architecture are to ensure that:

• All cyber attack surfaces are minimized, hidden, and dynamic. All cyber attack surfaces should be relatively small in size, covertly stored, and constantly changing so that they are stealthy moving targets that are difficult for cyber adversaries to detect and penetrate;
• All crown jewel sensitive/confidential/classified data is strongly encrypted at rest. In addition, it should be subject to end-to-end encryption techniques during transit;
• All cyber attacks are aggressively detected, mitigated, and countered. Moving-Target Defenses (MTD) with aggressive counter-measures are strongly encouraged.

If you have constructive recommendations to correct, clarify, or otherwise improve this or any other Cybersecurity FAQ please contact us.

---

CYBERSECURITY & DESIGN HANDS-ON WORKSHOP TRAINING OPTIONS
If you seek professional cybersecurity architecture hands-on training that emphasizes robust architecture modeling languages (UML2, SysML, CyberML), strong cyptographic techniques, popular architecture modeling tools (Sparx EA, MagicDraw/Cameo, Rhapsody), and numerous practice exercises, check out PivotPoint's Essential Cybersecurity Architecture & Design Applied hands-on training workshops.