Toward systemically secure IT architectures

Abstract

This paper addresses the need for strong security guarantees in increasingly dynamic and flexible information technology (IT) environments. It applies time-tested security principles, architectural patterns, and continuous improvement constructs to weave security controls and assurances more systemically into an IT environment. Using a building block approach and a focus on iterative refinement, organizations can transform their existing legacy deployments into resilient architectures that meet not only their security, privacy, and compliance needs, but also satisfy business goals such as increased agility, flexibility, efficiency, and availability.