SABSA - Sherwood Applied Business Security Architecture

What is the Sherwood Applied Business Security Architecture (SABSA)?

SABSA (Sherwood Applied Business Security Architecture) is a business-driven framework for enterprise security architecture, created by John Sherwood in the mid-1990s. Its premise is that every security measure should be traceable to a business requirement: the framework starts from business goals and risk appetite and derives the security strategy, services and mechanisms from them, rather than starting from technology and looking for a justification afterwards.

SABSA emphasizes a holistic, top-down approach built on three principles:

  1. Business Alignment: Security strategy and every control derived from it must be traceable to a business objective or risk, and the business should be able to see what it is getting for the money.
  2. Risk Management: Security is treated as managing the risks (and opportunities) that affect business operations, with the level of control set by the organization's risk appetite rather than by what a product happens to offer.
  3. Lifecycle Approach: The framework covers the whole life of the architecture, from strategy and planning through design and implementation to operation and measurement, and is revisited as the business changes.

SABSA Model: Six Layers of Security

The SABSA model is a six-layer matrix. Each layer is a view of the same architecture at a different level of abstraction, and each is worked out across six columns: assets, motivation, process, people, location and time (what, why, how, who, where and when):

  1. Contextual Security Architecture (the business view): The business itself, its goals, drivers and risk appetite, and the assets, processes, people, locations and timings that security has to protect.
  2. Conceptual Security Architecture (the architect's view): The Business Attributes Profile, the control objectives derived from it and the overall security strategy that satisfies them.
  3. Logical Security Architecture (the designer's view): The security services needed to meet the control objectives, such as access control, confidentiality, integrity, audit and monitoring, together with the policies and trust relationships between entities, independent of any product.
  4. Physical Security Architecture (the builder's view): The security mechanisms that deliver each service, for example encryption, firewalls, VPNs and access control lists, with the rules, data structures and procedures around them.
  5. Component Security Architecture (the tradesman's view): The specific products, tools, protocols and standards that implement those mechanisms in the IT environment.
  6. Operational Security Architecture (the service manager's view): A layer laid across the other five covering ongoing management, monitoring, measurement and incident response, so that the architecture keeps working as designed.

Because each layer is derived from the one above it, a mechanism at the physical layer can be traced up to the business requirement that justifies it, and a business requirement can be traced down to see exactly how it is met. That two-way traceability is what keeps the technical and business sides of the architecture aligned.

SABSA Lifecycle

The SABSA lifecycle runs the architecture through four phases and then repeats, so that it keeps pace with changing business goals, technology and threats:

  1. Strategy & Planning: Establish the business requirements, risk appetite and Business Attributes Profile (the contextual and conceptual layers).
  2. Design: Develop the logical, physical and component architectures that satisfy those requirements.
  3. Implement: Build and deploy the designed services, mechanisms and products.
  4. Manage & Measure: Operate the architecture, measure each business attribute against its agreed target, and feed the results back into the next round of strategy and planning.

Business Attributes Profile (BAP)

The Business Attributes Profile is SABSA's central instrument for keeping security tied to business value. The business states what it needs in its own terms, as a set of attributes such as confidential, integrity-assured, available, auditable, flexible or timely, and each attribute is given a definition, a way of measuring it and a performance target agreed with the business. Control objectives, security services and mechanisms are then chosen to deliver those attributes, so every control can be justified by the attribute it supports and its effectiveness can be measured against the target rather than merely asserted.
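Once the profile and the controls are written down, the traceability the profile is meant to provide can be checked mechanically. The following is an added example, not code from this page or from the SABSA Institute; the attributes, metrics, targets, services and mechanisms in it are constructed sample data and the helper functions are hypothetical. It records a small profile with a metric and target per attribute, links logical services to attributes and physical mechanisms to services, and then reports three things an architecture review looks for: attributes nothing supports, controls whose upward link points at something that was never designed, and controls that support nothing at all.

```python
"""Traceability checks over a SABSA-style Business Attributes Profile.

Added illustration, not code from the page or from the SABSA Institute.
The attributes, metrics, targets, services and mechanisms are constructed
sample data; a real profile is agreed with the business, not invented here.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Attribute:
    name: str    # the attribute in the business's own words, e.g. "Available"
    metric: str  # how it is measured
    target: str  # the performance target the business has agreed to


@dataclass(frozen=True)
class Control:
    name: str
    layer: str       # "logical" = security service, "physical" = security mechanism
    supports: tuple  # logical: attribute names; physical: logical service names


# Constructed sample profile (hypothetical values)
PROFILE = (
    Attribute("Confidential", "customer records exposed per year", "0"),
    Attribute("Available", "monthly uptime of the order service", ">= 99.9%"),
    Attribute("Auditable", "privileged actions with a matching log entry", "100%"),
    Attribute("Flexible", "weeks to onboard a new trading partner", "<= 2"),
)

# Constructed sample controls; two of them are deliberately defective
CONTROLS = (
    Control("Access control service", "logical", ("Confidential", "Auditable")),
    Control("Encryption service", "logical", ("Confidential",)),
    Control("Security monitoring service", "logical", ("Auditable",)),
    Control("Directory-backed RBAC", "physical", ("Access control service",)),
    Control("TLS 1.3 termination", "physical", ("Encryption service",)),
    Control("SIEM log forwarding", "physical", ("Security monitoring service",)),
    # refers to a service nobody designed: the link upward is broken
    Control("Clustered load balancer", "physical", ("Availability service",)),
    # supports nothing: cost with no business justification
    Control("Legacy modem bank", "physical", ()),
)


def _by_layer(controls, layer):
    return [c for c in controls if c.layer == layer]


def unsupported_attributes(profile, controls):
    """Attributes the business asked for that no logical service supports."""
    supported = {a for c in _by_layer(controls, "logical") for a in c.supports}
    return sorted(a.name for a in profile if a.name not in supported)


def broken_links(profile, controls):
    """Controls whose 'supports' names something missing from the layer above."""
    known = {
        "logical": {a.name for a in profile},
        "physical": {c.name for c in _by_layer(controls, "logical")},
    }
    result = {}
    for c in controls:
        missing = set(c.supports) - known[c.layer]
        if missing:
            result[c.name] = sorted(missing)
    return result


def orphan_controls(controls):
    """Controls that support nothing at all."""
    return sorted(c.name for c in controls if not c.supports)


def trace(profile, controls, attribute_name):
    """Chain for one attribute: each supporting service and the mechanisms behind it."""
    if attribute_name not in {a.name for a in profile}:
        raise ValueError(f"{attribute_name!r} is not in the profile")
    mechanisms = _by_layer(controls, "physical")
    return {
        s.name: sorted(m.name for m in mechanisms if s.name in m.supports)
        for s in _by_layer(controls, "logical")
        if attribute_name in s.supports
    }


if __name__ == "__main__":
    print("unsupported attributes:", unsupported_attributes(PROFILE, CONTROLS))
    print("broken links:", broken_links(PROFILE, CONTROLS))
    print("orphan controls:", orphan_controls(CONTROLS))
    for attr in PROFILE:
        print(f"{attr.name} ({attr.metric}, target {attr.target}):",
              trace(PROFILE, CONTROLS, attr.name))
```

Run as a script, the sample data produces the three findings a reviewer would raise: Available and Flexible have no service behind them, the load balancer claims to support a service that was never designed, and the modem bank supports nothing. Adding further layers (control objectives above the services, component-level products below the mechanisms) only means adding a value for `layer` and the matching entry in `known`.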

In summary, SABSA provides a structured, comprehensive approach to security architecture that prioritizes business objectives, risk management, and continuous adaptation to changing threats.
