Our goal isn’t just to secure an application, or a physical system, or the network layer. Our goal is to secure the entire stack, and that’s where our focus is. The diagram below gives an example of how responsibility for the various elements of the OSI stack is delegated to specialist teams.

The main thing to note: the job of the ‘Security Team’ is to stretch across the entire stack, like a cross-functional business unit, so that it has visibility into, a certain degree of control over, and input into the various layers.

[Diagram: Securing the entire stack]

Application Layer

Developers/programmers and application architects.

Network Layer

Network engineers and network architects.

Physical Layer

Security guards and facilities personnel.

Security Team

In charge of all the layers to some degree.

 
