Security Architecture, or Enterprise Information security architecture, as it was originally coined by Gartner back in 2006, has been applied to many things and different areas, making a concrete definition of Security architecture a difficult proposition. But having an architecture for the cyber security needs of an organization is important for many reasons, not least because having an architecture makes working with cyber security a much easier job, since we can now build on a, hopefully, solid foundation. Developing a security architecture is a daunting job, for almost anyone, and in a company that has not had a cyber security program implemented before, the job becomes even harder. The benefits of having a concrete cyber security architecture in place cannot be overstated! The challenge here is that a security architecture is not something that can stand alone, it absolutely must be aligned with the business in which is being implemented. This book emphasizes the importance, and the benefits, of having a security architecture in place. The book will be aligned with most of the sub frameworks in the general framework called SABSA, or Sherwood Applied Business Security Architecture. SABSA is comprised of several individual frameworks and there are several certifications that you can take in SABSA. Aside from getting a validation of your skills, SABSA as a framework focusses on aligning the Security Architecture with the business and its strategy. Each of the chapters in this book will be aligned with one or more of the components in SABSA, the components will be described along with the introduction to each of the chapters.

In this book the author draws inspiration from Sun Tzu's Art of War, a work that explains conflict between nations, and he applies this to the computer security setting, examining how we should consider protecting information systems from accidents or malicious attacks. The author first briefly introduces Sun Tzu. Then each chapter in the book takes its inspiration from an original title in The Art of War, where the author offers a general introduction to the content and then describes its application in a cybersecurity setting. These chapters cover estimates; waging war; offensive strategy; how you prepare for an attack; energy; weaknesses and strengths; the variables that need consideration before embarking on a war; how infrastructure is related to the concept of ground; attack by fire or how skilled attackers hide behind noise; and employing secret agents. The book will be interesting for computer security researchers and professionals who would like some grounding in a security mindset.

In this book the author draws inspiration from Sun Tzu's Art of War, a work that explains conflict between nations, and he applies this to the computer security setting, examining how we should consider protecting information systems from accidents or malicious attacks. The author first briefly introduces Sun Tzu. Then each chapter in the book takes its inspiration from an original title in The Art of War, where the author offers a general introduction to the content and then describes its application in a cybersecurity setting. These chapters cover estimates; waging war; offensive strategy; how you prepare for an attack; energy; weaknesses and strengths; the variables that need consideration before embarking on a war; how infrastructure is related to the concept of ground; attack by fire or how skilled attackers hide behind noise; and employing secret agents. The book will be interesting for computer security researchers and professionals who would like some grounding in a security mindset.