Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects

The way this book is laid out, it puts together all the components to scope and build a secure architecture. By engineering the network architecture to be reliable, robust and secure, you save money, time, and avoid the regulatory nightmares (when a breach inevitably happens). I love how the authors go beyond the basic building blocks to also discuss soft issues, like finding a champion in your organization to help support the security mission, and talking the talk of business NOT cyber so that the leaders can work with your objectives. So many more nuggets in here. It has all the elements needed for secure architecture in ONE read. Very USEFUL reference guide.

As a professional in the cybersecurity industry, I have quite the assortment of books and reference material that I constantly turn to for knowledge. This quickly became a favorite in my collection. The methodologies outlined in the book are instructive, intriguing, and helpful in understanding the techniques that modern-day security professionals should keep top of mind. With so many dense and boring cybersecurity reads, the conversational tone of the book really helps in digesting the information provided. If you're in search of a book that covers the concepts, standards, and frameworks that you MUST know in cybersecurity, look no further than this book.

I recently finished reading this book and during this time I kept waiting for it to provide some serious, in-depth coverage of "security architecture" but it never did! The book is approximately 400 pages, but it could have been reduced to 200 pages without effecting the context.It seems to me that they only covered the topic from a very high level or perspective, or it was their initial plan to write something for those who have no idea about security or architecture.Some reasons why I did not like the book:- Lack of serious, in-depth coverage- Lack of detailed industry examples or scenarios- A lot of repetition and overlaps that was unnecessary- Frameworks referenced throughout the book are not explained or organized - there is no structure to how/why they are referring to a frameworkI guess if someone wanted something with greater details or a more highly technical book, one can refer to:1. Security Engineering: A Guide to Building Dependable Distributed Systems2. Enterprise Security Architecture: A Business-Driven ApproachThis book may work for a basic university/college class but it cannot and shouldn't be used as on-job reference.

Recently finished my copy of "Practical Cybersecurity Architecture" by Ed Moyle and Diana Kelley on Kindle. My only regret is I wish I had it read it in paper form because it would be dog-eared, underlined and highlighted though out. I went to work with a defense subcontractor this past spring to help get them past the goal line of CMMC. In preparation for this, I have read several thousands of pages of NIST special publications all year. But how do you tie them all in. What piece do you start with first?Let me describe it this way. NIST 800-171 is like big bucket of Lego's and the government dumps it on the floor and says "Now build me a secure system". Guess what, you are not building your 3,803 piece Death Star without the instruction manual and that's what this book is. It takes all the pieces, tells you where to start, what to look for , what each piece does, and the order of assembly. Sure you can cobble something together that may work but your probably leaving open (pardon the second Star Wars reference here) the vulnerable "Thermal Exhaust Port".Your network should be reviewed from the ground up. If as in my case, most of it was in place, then use this book as a checklist as what to what was done right and what can be done better. CMMC is looming large, there is no more self attestation. Accreditors are coming and you have to have your ducks in a row. This book doesn't read as another boring technical manual but rather like a series of conversations with mentors, sitting across the table from you, trying to explain things that are important and that they truly want you to understand.There is a conversationalist style to this book that you'll find refreshing.

Ed Moyle and Diana Kelly’s Practical Cybersecurity Architecture, A guide to creating and implementing robust designs for Cybersecurity Architecture, is a book for both the serious cybersecurity practitioner or someone new to the industry. Keep Practical Cybersecurity Architecture close by! as you will surely find its content the oil needed to unstick a challenging problem, or the compass needed to help guide through uncharted waters. It contains a collective view of a handful of professionals who have been working with cybersecurity architecture for decades.The book starts with an introduction of cybersecurity architecture concepts, standards, frameworks, roles, and more–and moves on to expand each topic in great depth–while providing tips and guidance for their practical application throughout. Ed and Diana gracefully layer in useful quotes and anecdotes from seasoned professionals which highlight the upcoming sections and keep the reader's interest throughout.This book is dense and is not one you just sit and read front to back–but rather, it’s a book you keep with you as you work–scratching out solutions, project plans, and while aligning to business goals.As an analyst recently looking to take the next step in my career–seeking to marry my previous experience as a database admin/architect–Practical Cybersecurity Architecture hits the spot. It provides a clear definition as to what that might look like for me. It will go on a nearby bookshelf, so I have it handy as I contribute to enterprise wide projects, tackle challenging cybersecurity problems, or am called upon as a subject matter expert.