4 minute read
INDUSTRY OPINION
The evolving role of the network security architect can deliver great value to the modern organisation
The role of the network security architect is constantly changing due to evolution in the IT landscape and its digital transformation, and the position has become particularly important over the past fifteen years. This is a period during which technology, and the way it is consumed, has evolved significantly
Advertisement
By Sarthak Rohal, Vice President - IT Services at AlphaCodes
In addition, considering the current Covid situation, where work-fromhome is the new normal and those home-workers are vigorously targeted by cybercriminals due to the lack of necessary security solutions and user compliance on their devices. For instance: – as per the Kaspersky team – “As of January 2021, the number of global users encountering various threats, e.g. using popular online learning platforms as a lure, reached 270 171 – a 60 per cent increase when compared to the first half of 2020.”
From the network security architect’s perspective, this has brought large changes to the application portfolio, based on the need to secure an organisation’s online presence. However, the biggest change in the role of the network security architect probably occured in recent years due to the advent of new technologies and a change in technologies such as IoT, distributed cloud, blockchain and serverless micro services. In addition, organisations are looking for automatic scaling and lower runtime costs, along with options of demand-based flexibility to run and access applications through modern security architecture.
To enable a secure way to consume IT services, security has become much more important to organisations in recent years. Cloud and network security, application security, cyber defence, security compliance, identity and access management, mobile security, including security related to Internet of Things (IoT), etc. now must be taken care of by the network security architect.
The importance of compliance
Compliance has also become extremely important in the past few years and this has impacted the role of a network security architect. Compliance and governance form a large part of this role, as the architect needs to consider regulations such as the General Data Protection Regulation (GDPR), the Protection of Personal Information Act (PoPI), and other industry relevant compliances, etc.
In terms of skills that a network security architect needs to possess, it is somewhat of a combination. There is a requirement in three particular areas, including technical skills, understanding compliance as well as an ability to keep up with the impact of changing infrastructure, and strong analytical skills.
New technologies
A network security architect must be aware of the changing landscape and technological enhancement occuring through AI – ML and their business values. Most importantly, a need to know how these may fit into the network along with existing and the influx of new technologies.
For example, they need to know how blockchain impacts the nature of the business and how this changes the way that the organisation does things. While it is important to keep up to date with those constant changes, it does not mean that the network security architect needs to know in-depth details, but should rather have a high-level overview.
Compliance and Regulations
From a training perspective, first is local and regional compliance and regulations. Network security architects need to be cognisant of the requirements for regulations such as GDPR, PoPI etc., as well as the nature of such Acts and their implications. Therefore, they need to understand what is required to comply and should complete training in these regulations.
Market trends and updates
Thirdly, is to keep abreast with latest technology trends and predictions. However, the network security architect should not be focused on a specific company to offer training but should rather look towards industry-specific trends and innovations.
The network security architect brings immense value to an organisation today, as companies’ growing online presence has seen data become the new oil. Most organisations are exposed to cybersecurity threats, but a cybersecurity architecture plan helps us to implement and monitor an organisation’s network security system. A cybersecurity architecture framework positions all your security controls against any form of malicious actors and how they relate to your overall systems architecture. Couple this with the increase in cybercrime, and the requirement to secure infrastructure becomes extremely important.
The network security architect is involved in various phases to keep maintaining an organisation’s security postures:
• Architecture risk assessment: focused to evaluate the influence of vital business assets, the risks, and the effects of vulnerabilities and security threats to the organisation.
• Security architecture and design: Defining the design and architecture of security services to aid the protection of the organisation’s assets in order to facilitate business risk exposure objectives and goals.
• Implementation: the actual execution of designed architecture, aimed to ensure that the security policy and standards, security architecture decisions, and risk management are fully implemented and effective for a long period.
• Operations and monitoring: focused on measures like threat and vulnerability management are taken to monitor, supervise and handle the operational state in addition to examining the impact of the system’s security.
• Compliance: bring the correct level of visibility to industry specific compliance reporting and ensuring the access of relevant data to the correct people.
Security is often an afterthought, as traditional security may be perceived as hampering business agility. In addition to the above, the network security architect is also responsible to ensure that they have a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps. Considering these factors, it makes the role of the network security architect extremely valuable nowadays.
