Security in a box – a blueprint for cloud security architecture

Imagine what security could be if not constrained by a large technology debt accumulated over the years of running legacy systems and applications. What if security capabilities can be procured as a black box service when you need it, as soon as you need it?

This paper talks about how common security challenges can be solved in new ways. The services described are based on solutions and propositions that are available right now and should be considered by any architect that is tasked with protecting information in the cloud. It is intended for all those responsible for securing cloud environments, be it a technology-centric copmany such as Netflix or Uber with "Cloud Native" environments or "Cloud Evolved" organisations that are extending their legacy environments to the cloud.

In today's technology-driven world, there are a number of emerging macro trends that are re-defining the way organisations consume technology. These macro trends include

  • The adoption of digital services to improve customer engagmeent and service.
  • The execution of "cloud first" strategies to improve the total cost of ownership of Information Technology.
  • The promotion of a "sharing economy", through principles such as PSD2 and Open Banking regulations.

These trends are also shifting the technology architecture thinking from an arms-length closed off position to an open and collaborative one and driving:

  • the use of APIs to facilitate sharing of information or various other digital transactions between organisations
  • the migration of business critical systems into third party managed cloud environments
  • the adoptions of agile development methodologies (i.e. DevOps) to improve the speed of innovation and time to market.

To adapt to these changes, Security leaders need to re-evaluate the way they design and build their cyber security capabilities. Reliance on traditional waterfall-based delivery of data-centre focused controls won't be sufficient to secure the fast-paced collaborative business.

The new way of thinking about Security Services

This article seeks to advise how security professionals may adapt security delivery models to support these trends and ensure businesses can maintain trust in a digital society, through deploying 'a box' of security capabilities.

The solution is a set of scalable, flexible, automated, cloud based security utility services using security APIs, which can easily be commissioned and decommissioned based on the specific needs of an organisation, creating a "box of security capabilities" that can be customised at will. In order words, "security in a box".

Contact us

Anton Tkachov

Financial Services - Chief Security Architect, PwC United Kingdom

Tel: +44 (0)20 7212 5216

Follow us