March 23, 2017

Where Do You Start Your Security Architecture?

BY :     March 23, 2017

It´s not that easy to start creating a Security Architecture when it’s hard to define it in the first place.  A Security Architecture has a few starting points. The first one is the realization that you have something to protect. That may sound very simple but without your assets defined you cannot define a security architecture.

Before you need to start building the list of requirements you need to adhere to the following:

This list consists of your risk analysis, applicable laws you need to adhere to and compliance schemes you need to follow. Of course, you could have others that are on a voluntary basis and those should be included in the list as well as long as you don´t regard them as strict mandatory.

The list you provide will be your risk register that you will start working with.

Follow the series of blogs about Security Architecture by subscribing to the blog.

Jesper Kråkhede


Jesper Kråkhede has had a long and diverse career within as disparate areas as social worker and security architect. From 1995 till 1998 he worked as a social worker/IT-responsible but decided to quit the same day a client tried to stab him with a screwdriver. After attending different courses he started as an infrastructure consultant at MercatoR 1998 where he started looking more deeply into the field of security. 2001 he moved on to G2 Solutions for a year where the focus area was secure coding. In 2002 he joined Capgemini as an infrastructure engineer and soon began to build a security practice. As Jesper is a very curious person he has worked in all fields of security from pen testing to security strategy but the last eight years his primary focus has been security architecture and compliance.

More on Jesper Kråkhede.

Related Posts

Your email address will not be published. Required fields are marked *

3 + 2 =

    *Opinions expressed on this blog reflect the writer’s views and not the position of the Sogeti Group