“There is a difference between network and application security. They work together, but they are very different: using different techniques and tools. One is not a substitute for the other.”
– John Sherwood, Chief Architect, thought leader, and co-Founder of The SABSA Institute
In our last post about Practical Cybersecurity Architecture we addressed the question of why create security architectures at all. In this post we take a look at the main types of security architects. Just as there are different sub-types of technology architects generally (for example, data architect versus software architect versus network architect), there can also be different types of cybersecurity architect. This can be confusing, because it is often not clear from a person’s title what that practitioner’s scope, focus, and purview are.
A cybersecurity architect within one company might be focused almost entirely on network infrastructure, while another with the same title and similar job description at another firm might focus almost exclusively on application design. Different types of cybersecurity architects have different scopes and different tools/methods that they use to help them achieve their goals. In our book, we chose to focus on two different “personas” of cybersecurity architect:
- Application security architect
- Network security architect
There are, of course, other specializations beyond these (data security architects, cloud security architects, and so on) and, usually in smaller or mid-market organizations, you can find practitioners whose focus and goals span both roles. Also, for a more comprehensive view of overall risk to the business, the versatile architect will have a working familiarity with approaches that address both the application and network sides of the technology landscape.
The Role of the Application Security Architect
From the standpoint of end goals, the remit of the application security architect is like that of the network security architect: ensure the security of the entities in their scope. In this case though, instead of focusing on the infrastructure that helps to enable application delivery, they instead focus on the applications themselves: ensuring that they are built with security in mind, that the process of building them satisfies security goals, that they have appropriate and strong security features built into them to achieve those goals, and so on.
For the application security architect, the specific responsibilities, actions, and – most importantly – goals depend to a large degree on the phase of the development effort that the organization is undertaking. For example, there are different goals and approaches for projects in the following areas:
- Requirements: Outlining and documenting what the scope and purpose of the application are.
- Development: While the software is under active development: namely, the period from ideation to release, either for new software or updates to existing software. Note that this includes any interim, pre-release phases such as unit testing, integration, functional and performance testing, building, and any other phases of the life cycle that may be applicable to a given organization.
- Release: The process of deploying the software to production. This includes the release process itself together with the immediate pre- and post-release actions such as shakeout and production deployment.
- Support: Post-release updates, support, and maintenance.
The Role of the Network Security Architect
On the other side is the network security architect, whose role is the creation, design, execution, and operation of the organization’s secure networking and communications infrastructure.
Historically, most organizations (from the largest to the smallest) were directly responsible for maintaining and securing their own network. Now, for many organizations, the functional role of the network itself is in a period of transition: while the network is still very much the primary conduit for employee communication, some of its use as the “launchpad” for internal services has migrated off the internal network to the cloud, and the network security architect’s focus has migrated with it.
The role of the security architect in a networking context is to ensure three primary goals:
- Confidentiality: The property that information is disclosed only to those who are authorized; that is, data is withheld from anyone without a legitimate business need to know.
- Integrity: The property that information is reliable: it cannot be changed or modified unless performed by someone who is authorized to make that change.
- Availability: The property that resources and information can be accessed when needed.
With CIA in mind, there are a couple of additional goals when it comes to the overall design of both the network as well as the security mechanisms used by the network:
- High availability: Ensuring network-based services and tools remain available during natural and/or man-made disasters such as earthquakes, floods, fires, or pandemics.
- Resistance to attack: The degree to which network countermeasures mitigate or thwart attacks by human or software threat agents.
A secure network design therefore supports both goals. Where the architect has direct input into the design of a new network, they work directly with the engineers and other network architects to make sure that these properties are “baked in” to the overall network design; where the network already exists (in many cases designed and built without these goals in mind, or with minimal focus on security), they work with other stakeholders to build out a portfolio of countermeasures and improvements that increase resiliency after the fact.
This post is part of a series excerpted from our book: Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects, ISBN-13: 978-1838989927, available at Amazon and published by Packt.