The cybersecurity architecture is guided by the organisation’s risk analysis information (RISK-3d) and threat profile (THREAT-2e)
Context and Guidance: Risk analysis output such as prioritised risk categories, and threat profile information such as targets in certain types of attacks, are potential sources of information on the likely architectural tactics needed to detect, resist, react to, and recover from attacks. To align the cybersecurity architecture with the threat profile, organisations may review the targeted assets, objectives, and attack methods that may be employed by threat actors and adjust the cybersecurity architecture accordingly. For example, maintaining an audit trail is a tactic to support accountability and recovery from attacks, and providing redundant servers is a tactic to support availability and business continuity.
Related Practices • Dependency: Implementing this practice depends upon prior implementation of RISK-3d and THREAT-2e. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: ARCHITECTURE-1c, ARCHITECTURE-1f, ARCHITECTURE-1j, ARCHITECTURE-1k.