Posts published in “Architecture”

NIST CSF Core Notes

johnyan 0

NIST Framework Components: The Cybersecurity Framework consists of three main components. The Framework Core provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand. The Framework Implementation Tiers assist organizations by providing context on how an organization views cybersecurity risk management. Framework Profiles are an organization’s unique alignment of their organizational requirements and…

Cyber Security Technology with NIST Cyber Security Framework

johnyan 0

Layered Security & Defense In Depth: A layered approach to security can be implemented at any level of a complete information security strategy. Whether you are the administrator of only a single computer, accessing the Internet from home or a coffee shop, or the go-to guy for a thirty thousand user enterprise WAN, a layered approach to security tools deployment…

Understanding GDPR from Security Professional’s Perspective

johnyan 0

One of the most recent and wide-ranging laws impacting the security profession globally is the European Union’s General Data Protection Regulation, or GDPR. As of May 25, 2018, the GDPR is a legal and enforceable act of the European Union. In this post, we will detail the key findings, from a security professional's perspective, on how to work to satisfy the requirements…

Cyber Security Frameworks and Integrated with TOGAF

johnyan 0

When cyber security professionals talk about related frameworks, it always comes down to two: ISO and NIST. There is a lot of confusion between them, and also between frameworks and security architecture methodology. Here is some discussion of those topics that I collected online, which I believe, at certain points, clarified some of my confusion. A Cyber Security…

From DevOps to DevSecOps

johnyan 0

What is DevOps: DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market. (from AWS) Prior to 2010, Structured Development…

Enterprise Security Architecture Resources

johnyan 0

Enterprise Security Architecture (ESA) is a relatively new concept to most business & IT stakeholders. However, it is gaining adoption because enterprise CISOs need to strategically address information security debt and meet the increasing burden of privacy-related compliance. This post is going to collect some useful online resources which started to…

EA (Enterprise Architecture) Framework Resources

johnyan 0

A Brief History of Enterprise Architecture (From Arnab Chattopadhaya’s Enterprise Security Architecture)

Enterprise Architectural Methodologies

• Consortia-developed Frameworks
  – ISO 19439
  – RM-ODP (ITU-T X.901-904)
  – TOGAF
• Defense Industry Framework
  – DoDAF
  – MODAF
  – NAF
• Government Framework
  – ESAAF
  – FEAF
  – NIST Enterprise Architecture Model
• Open Source Frameworks
  – TRAK
  – SABSA
• Proprietary Frameworks…