Enterprise Security Architecture: A Business-Driven Approach
Traceability: Every technical control must be traceable back to a specific business requirement or regulatory obligation.

2. The SABSA Framework: The Standard for ESA
Review:
(Sherwood Applied Business Security Architecture). This framework shifts security from a reactive technical department concern to a strategic business enabler.

Core Framework: The SABSA Layered Model
- Layer 1: Business Strategy & Goals (Vision, KRs, Revenue Targets)
- Layer 2: Business Capabilities (Value streams, processes, supply chains)
- Layer 3: Information & Data Architecture (Crown jewels, classification schemas)
- Layer 4: Security Services & Controls (IAM, DLP, SIEM, Encryption)
- Layer 5: Technology & Infrastructure (Cloud, endpoints, networks)