5 Steps to Building Your First Security Architecture


This post is by Alex Manea from Georgian


Imagine you’ve been asked to lead security at a company that doesn’t have a strong program in place or wants to significantly upgrade their existing one — either because they suspect it might not be effective, or because a recent cyberattack has proven that to be the case. You’ve obviously got a daunting task ahead, so how do you go about it, and more importantly, where do you even start?

If you work at a startup or growth stage company, chances are you’ve either encountered this scenario in the past, are in this type of situation right now, or will face it in the near future. Maybe you’re a founder or senior employee who has volunteered (or been voluntold) to lead cybersecurity, or you’re an experienced security leader hired to build out the new security program.

I’ve been in this position multiple times and now advise CEOs, CTOs, CISOs and other security leaders on the most effective ways to build out their internal security architecture. While every company and situation is different, there are some approaches that work better than others. 

I’d like to share these approaches and highlight some of the common pitfalls to help kickstart your cybersecurity journey. With that in mind, here’s a step-by-step framework that can act as a guide for starting, or improving, your cybersecurity infrastructure.

Step 1: Map Out Your Current Systems

The first step of any complex task is fact-finding, so before you start building anything, you’ll want to have detailed knowledge (Read more...)