Summary

Enterprise architecture leaders are in a position to have a significant positive impact on how their business responds to cyber threats; they can determine whether the business response reactive or strategic. However, this means EA leaders must make security a top priority and integral to all they do.

Introduction

After several years of increased sophistication and volume of cyber security threats (e.g., viruses, malware, ransomware, etc.) business and IT leaders are finally waking up to the fact that they face an existential cyber threat. With ransomware threats in the tens of millions of dollars, combined with loss of sensitive customer data organizations cannot ignore security as the most important aspect of all IT activity. Furthermore, organizations are beginning to recognize that security is everyone’s job—not just the responsibility of an IT team in the bowels of the organization’s operations. 

Security and architecting for security is not an option. EA leaders are in a position to have a significant positive impact on how their business respond to cyber threats; namely, is the business response reactive or strategic? 

In this Research Note, we explore ten best-practice topics EA leaders must employ to deliver the highest value to their organization to help guide both a strategic and a future-state informed operational response.