Security architecture is the design discipline that aligns security capabilities with business requirements, defines security domains and their relationships, and establishes principles that guide technology and process decisions across an organization. A security architect designs the structure within which all security controls, policies, and processes operate coherently.
Enterprise security architectures use frameworks like SABSA, TOGAF, and Zachman to structure the relationship between business objectives, information assets, technical environments, and security controls.
CISSP Relevance
Security architecture is the primary focus of Domain 3 (Security Architecture and Engineering). CISSP candidates must understand security design principles, common architecture models, trusted computing concepts, and how to evaluate system architectures for weaknesses before they are built.
External reference: NIST SP 800-160 Systems Security Engineering
Related terms: Security by Design, Defense in Depth