Weekly information and insights to help you think about security architecture from a business perspective--and a whole lot differently than you probably do now!

Are you a security architect looking to find a way to provide better security for your organization by doing a whole lot less work than you're doing today? Are you an enterprise, solution or application architect who wants to effectively embed security controls and countermeasures into the architecture work you do? Or are you a CISO looking to get more value out of the security architecture work your team is already doing?

If you are, then you've found the right podcast, because each week, I talk about security architecture a whole lot differently than most people in order to:

* get more leverage from the work you do;
* work smarter and not harder; and
* emphasize the conceptual architecture and design aspects of security architecture that are normally lost or overlooked by many people.

To do this, I leverage the entire breadth of skills I've developed in business, marketing, psychology, management, leadership, communications and negotiation over the last 20 years of my professional career. And I integrate all of these areas from a systems thinking perspective with my background in Computer Science, software delivery, quality assurance and developing software and solution architectures for multi-million-dollar projects around the world using SABSA® as the common basis to hold it all together.

Each episode gives you a condensed, highly-focused tip, insight or idea about applying and integrating security into the very fabric of your organization. There's no technology. There are no product reviews. It's just all about the practice of real architecture and design necessary to help keep your organization safe.

How can I do this? Because I've had a lot of practice. And over the course of using, refining and even extending the SABSA approach to enterprise security architecture, I've come up with a simple and straightforward way to help business and technology people understand not only their organizations, but the way risk and security help people do the work they need to do. And it works no matter if you're using TOGAF®, SAFe®, Agile, DevOps, DevSecOps or even stage-gate based security reviews.

In this podcast, you'll learn how to simplify the complexity normally associated with security architecture based on starting with a formalized conceptual approach. Once you have this, you'll then understand how to get real leverage in your security program by only doing the "security" work once--no matter what environment you're in...

...how often the technology landscape changes...

...the number of new vulnerabilities cataloged each day...

...or the newest and scariest bad guy that comes on the scene.

My mantra is do the work once, and then use that work over and over again as much as you can. This approach gives you the ability to easily adapt to change, evaluate and adopt new security technologies...

...and still keep things focused on helping the organization do the work it needs to do, as quickly and safely as possible.

Doing that is what being a business-driven security program is all about. But you're not going to be able to deliver it without changing the way you think about security. And you're certainly not going to do it without changing the way you think about security architecture.

So, if you're ready to challenge your assumptions about what security is, how it works, and, perhaps most importantly...

...how hard it is to do...

...then have a listen to any single short episode and see what you think. And if you like it, don't forget to subscribe, so you get new tips and insights in your ears each and every single week.

Stay safe,
ast
--
Andrew S. Townley
Archistry Chief Executive
Ever wanted to be famous as a security architect? Well, it is possible--and for all the right reasons. All you need to do is figure out how to get the CEO to put your picture on his wall. The rest…well, it’ll work itself out. The post How To Get Your CEO To Put Your Picture On His Wall appeared first on Archistry.
While you might remember the famous quote about ships in the harbor, how much have you thought about fear--especially in the context of your organization…and your security program? In this episode, I talk a bit about fear and what to do about it when it comes to improving the effectiveness of your security program. The post Ships, Safety and Saying “No” appeared first on Archistry.
Sometimes the things we do to try and get better…be better…ultimately backfire. And it’s due to the way we human animals are wired, so it doesn’t matter if it’s weight loss or security--some things are just “things.” In this episode, I explore some of the ways your security program just might be making you fat. The post Is your security program making you fat? appeared first on Archistry.
Most people don’t really know it, but there are actually two types of “security architect” out there, and the fact that you only know about one could not only be limiting your own career as a security architect, it might also be unintentionally sabotaging your organization’s entire security program. In this episode, I talk about the […] The post The security architecture shift that sets you free appeared first on Archistry.
There’s a funny thing about security professionals that some would argue makes us able to do the job we do. However, it’s something that, as I progressed in my career, I realized can get in our way more often than not. And, when it does, we can fail to recognize what we really have when […] The post What you actually have when you think you have nothing appeared first on Archistry.
There’s a lot of talk in the security world about “what’s next?” and “what does the future look like?” Frankly, if you put them all together, there are a lot of core ideas that never quite seem to materialize. However, in this episode I take a look at what the most likely future of security will […] The post The real future of security appeared first on Archistry.
Lessons for what we need to do to build more effective security architectures are all around us, all the time. In fact, today’s episode comes from Robert Redford, and it’s something we should be carrying in our security architecture kit bag. Are you carrying it? And if you are, can you use it? The post Robert Redford’s Lesson for Security Architects appeared first on Archistry.
Brace yourself, because this one comes in a bit hot. It does so because I’m getting more than a little tired of people not really understanding what the whole “Zero Trust” thing is actually about and acting like it’s something truly revolutionary. It isn’t. And in this episode, I’ll tell you exactly why. The post Are you drinking the "Zero Trust" Kool-Aid from a poisoned chalice? appeared first on Archistry.
Now you might not immediately think it’s possible to use the words “fast” and “SABSA®” in the same sentence without contradicting yourself. However, this is often the unfortunate reality for many people once they go through the official SABSA training. In this episode, I tell you why this can happen, and I share with you […] The post Building Security Architectures FAST with SABSA® appeared first on Archistry.
Have you ever struggled to define your enterprise security architecture (ESA)? Well, if you have, then there’s probably a reason for that, and what you need to identify to form the basis of your ESA is what this short episode is all about. Of course, my approach is all about using SABSA® and The Agile Security […] The post Your ESA is there…you just need to uncover it appeared first on Archistry.