Question

An organization’s success begins with building a strong, secure infrastructure, which includes the appropriate policies, procedures, and processes, as well as architecting a scaleable, available, and secure network.

Describe the critical components of a cybersecurity architecture. Be sure it provides defense to protect the organization’s data, network, and assets.

Explain the function of each component and how each protects the organization.

Respond to the following in a minimum of 175 words:

Answer 1

Critical components of cybersecurity architecture:

1. Data Protection:

Analyzing the types of data that we typically work with and formulizing ways to protect them. With the help of governance and regulation frameworks published in public and private domains could help by providing several of the tactical advice to protect different facets of critical data.

Some time data miss-handling might pose a threat to the data security and establishing clear development and training plans related to data handling and management could go a long way.

2. Monitoring Threat:

1. Always on tracking: using firewall at IP Layers.
2. Near miss analysis: having a robust analyzing mechanism for close calls of security breaches, they could be the door through which hackers could breakthrough next time.

3. Network Perimeter fencing:

With the age of cloud computing the scope of data access and storage has crossed boundaries and organization knowledge of the state in which their data is kept in ever so important.

Sub elements to this would be:

1. User Access: clearly defining the access roles for any data and network location, through logins, session management and multifactored authentication.
2. Have an in-depth diagnostic from the cloud providers: An organization should ask for a complete suite of network monitoring over their cloud implementation.

4. Threat Gathering:

1. Hunting: some advance systems could proactively hunt for threat based on the data collected from different sources about recent attacks and happening across the globe.
2. Operational Intelligence: is designed to provide specialized, technically-focused intuition that will guide the support, response, and remediation of specific incidents. This type of intelligence is often including, things like post-incident forensic reports.
3. Decisive intelligence: assesses disparate pieces of information that informs organizational stakeholders on broad or long-term issues and provides a timely warning of threats.

5. Compliance:

1. Forensic Reporting: during the event of a breach, we need to make sure that both your organization and external auditors can view detailed activity reports to get a better picture of the cyber “chained attacks”.
2. Response: In compliance and risk management, it’s not related just about keeping malicious entities out. If an incident does occur, we need to have a response plan that’s in compliance and in alignment with recognized regulatory framework. Each employee should know exactly what to do in the event of a breach