Practical cyber security architecture: Introducing a practical model for resilience
Abstract
The move to the cloud raised expectations to finally leave behind on-premises silos and all the issues that accompany them. The complexity of hybrid scenarios, cloud provider lock-in situations and heavy dependencies on centralised cloud services take problems to a next level. Large and complex cyber systems, often encompassing both legacy and cloud, are difficult to maintain and operate, particularly in terms of cyber security. Investing in cyber resilience brings benefits not only in cyber security but also in building, maintaining and operating these systems. This paper introduces a practical model for building resilience within cyber system architectures. The main goal of the model is to reduce complexity and keep distributed large cyber environments manageable. As an architectural approach, the structure of the model extends from the enterprise level through the system level to the component level. The model is accompanied by a selection of basic patterns for building robust and resilient cyber systems. Its applicability is illustrated by some practical use cases in typical on-premises and cloud scenarios. This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
The full article is available to subscribers to the journal.
Author's Biography
Eleni Richter is a former programmer and administrator at the Internet start-up web.de. Eleni has spent more than 20 years in different positions at Energie Baden-Württemberg AG (EnBW AG), one of the four largest energy suppliers in Germany. Her previous roles include IT security manager, IT consultant, IT system designer, project manager and architect. This wide knowledge base led to her current position as chief architect of the identity and organisational data management at EnBW AG, responsible for design and architecture of a next-generation identity management system. Eleni regularly speaks at technology conferences. Her passion for creating cyber architectures and discussing ideas with others is also reflected in her activity as part-time lecturer in identity and access management and cyber security architecture at Lucerne University of Applied Sciences and Arts, Switzerland. She holds a Master of Engineering from the University of Karlsruhe, Germany.
