Executive Summary
The “Security Architect and Cybersecurity Report” looks closely at how security architects are approaching cybersecurity as well as the changing role of the security architect. Based on survey findings, the following are some of the key takeaways:
1. The security architect has an increasingly high-profile role with responsibilities spanning a wide range of infrastructure capabilities. Nearly two-thirds report directly to a C-level executive.
2. The role of the security architect is primarily strategic and not tactical. Their top success metrics focus on issues such as integration, automation, and DevOps security. Tactical metrics such as vulnerabilities found, intrusions stopped, and breach mitigation are less important in the grading of the security architect’s performance.
3. Security architects have confidence in their organization’s protection level and ability to manage risk, but they still struggle with unknown and zero-day threats. All believe that they can defend against known threats, but more than half acknowledge challenges in protecting against unknown and zero-day exploits.
4. Security architects track a wide range of metrics, but fewer than half track risk outcomes or vulnerabilities.
Given these trends and challenges, we analyzed the data more deeply and identified a subset of respondents who reported no intrusions in the past year that we deem top-tier security organizations. At the same time, we pinpointed another subset that had more than six intrusions in the same time frame and deemed them bottom-tier security organizations.
The differences in practice between these two groups are instructive—specifically, the traits of top-tier organizations/security architects. In a nutshell, these best practices reflect a holistic, integrated approach to cybersecurity that eliminates silos, enables automation of security response, and provides the best protection against advanced threats.
