HOW TO Create a Security Architecture
- Filter, Analyze, and Solve your Security Weaknesses -
Quickstart to generate a Security Architecture
- Create an account and log in
- Go to dragon1.com/workplace/home
- Download the Security Architecture Excel sheet
- Update it with your data
- Upload the Exel sheet in the Viewer (via the Upload Data button)
- See the Security Architecture generated with your data.
Use Zero Trust, Dark web, IoT, and Anti-Spoofing principles
Are your architects instantly addressing 70% of all security questions? It can be.
Use Dragon1 to build an ISMS following ISO 27001. Protect your clouds and prevent supply chain attacks and malicious emails with security rules and artificial intelligence.
This tutorial introduces how you can make use of Dragon1 for Security Architecture.
Dragon1 is the ML/AI-enabled digital platform for Enterprise Architecture.
What is Security Architecture?
According to the Dragon1 open EA method, Security Architecture is the coherent set of security concepts (or security capabilities) of your organization.
Depending on your strategy and business model, you need certain security concepts to be implemented at a certain maturity level.
Security Architecture is the description and visualization of how an organization's security controls (= security countermeasures) are positioned and how they relate to the overall systems architecture.
These security controls serve the purpose of maintaining the system's quality attributes such as confidentiality, integrity, and availability (CIA).
Security architecture is a conceptual security blueprint of the organization as the bridge between the strategy and transformation of the organization.
Today, security plays a vital role in the Enterprise Governance of an organization. Dragon1 helps to get Security Architecture linked to the governance processes, IT policies, and IT auditing and supports CxOs in selecting appropriate measures.
Read more about Security Architecture in the Resources section.
Building Common Insights to Enable Impactful Decisions
To have a group of key stakeholders gain common insights and overview of the current security situation and be ready to make impactful decisions for the organization's benefit and future, more and more organizations visualize their security architecture with specific visualizations, called management report views.
Dragon1 Viewer
Excel Sheet
Data Manager
Security Architecture and Concept
To create security architecture and concepts:
- Go to the Collaboration application
- Go to the Data Manager
- Click the Architectures panel
- Click the Add button
- Enter a name for a Security Architecture
- Click Save & Close
- Go back to the Data Manager of the Collaboration application
- Click the Concepts panel
- Click the Add button
- Enter a name for a security concept (for instance: Roles Based Access Control, DMZ, Email Spoofing, or Data Hiding)
- Click Save & Close
Security Architecture Principle and Capabilitiy
To create security architecture principles and capabilities
- Go to the Collaboration application
- Go to the Data Manager
- Click the Principles panel
- Click the Add button
- Enter a name for a principle
- Click Save & Close
- Go back to the Data Manager of the Collaboration application
- Click the Capabilities panel
- Click the Add button
- Enter a name for a capability
- Click Save & Close
Security Architecture Model
To create security architecture models:
- Go to the Collaboration application
- Go to the Data Manager
- Click the Models panel
- Click the Add button
- Enter a name for a model
- Click Save & Close
Relationships
To create a relationship between the created data entities:
- Go to the Data Dashboard in the Collaboration application
- Select a Panel (respectively the previous panels)
- Select your created data entity in the list
- Click Add Relationship
- Select the model the relationship should be part of
- Select the entity class and entity name to link to the data entity
- Select a relationship type
- Click Save & Close
Security Views
Create the following common security views:
- Management Overview – How well are the top 10 key strategic security measures taken
- Roadmap View – When are certain security measures going to be implemented and what will What part of the IT infrastructure will the impact be?
- Security Data Breach View – Where, when, why, and how did security data breaches affect our IT infrastructure (networks and components), Data, and IT System?
- GDPR View – How well do we align with the GDPR rules for private and sensitive data?
- Confidentiality View – How well do we secure, provide, and maintain the business-required confidentiality of the IT infrastructure, Data, and IT systems?
- Integrity View – How well do we secure, provide, and maintain the business-required integrity of the IT infrastructure, Data, and IT systems?
- Availability View – How well do we secure, provide, and maintain the business-required availability of the IT infrastructure, Data, and IT systems?
- Skills & Education View – What knowledge and skills do we have or do we need to gain/develop, as is required by the security architecture, to maintain a secure IT operation?
- Documentation View – Which parts of the IT infrastructure are documented as mandatory?
- Compliance View – Which IT infrastructure components, data, and systems are (not) compliant with the standards?
- Business Process View – Which (lack of) compliance on standards in the IT infrastructure has (positive/negative) impact on certain processes?
All the visualizations show relationships and dependencies between IT components within a context.
Microsoft Cyber Security Architecture
Create the Microsoft Cyber Security Architecture on Dragon1 platform.
Download Brochure
Download the Security Architecture brochure