Enterprise Security Architecture (ESA)
The ESA Focus Group’s activities go from presenting lessons learned regarding security design and tactics in chosen technology risk domains to sharing or co-creating architectural assets..
Objectives
Security architects are the guardians of the business-to-security alignment, balancing threat protection and business enablement.
They are united by the “secure by design” condition in solution delivery and the responsibility of supporting information risk management, security capability planning and policy management by means of models and building blocks.
The ESA Focus Group shares experiences in architecture development and solution design for:
- Cyber defence strategy definition
- Cyber security infrastructure service implementation
Topics
The ESA Focus Group has addressed topics such as:
- the disappearing network boundary,
- efficient use of security architecture frameworks,
- threat modelling techniques
- and security in cloud-native architectures (micro-services, containers & orchestration, APIs, etc.).
- creating an enterprise security architecture maturity assessment model
- API security,
- member testimonials on Zero Trust Architecture (ZTA),
- confidential computing architectures as part of sovereign cloud,
- PKI for microservice architectures.
The ESA Focus Group has developed a White paper on Enterprise Security Architecture.
Practices
The ESA Focus Group generally convenes in person on a quarterly basis.
How to join the group
Admission is subject to Coalition membership. The following profiles may be interested in joining this Focus Group: enterprise architects, security architects, security engineers and security analysts.