Archistry

Survivability by Design™ since 2006

  • Home
  • About
    • Who Is Andrew?
    • C2T System™
    • The Agile Security System™
  • Contact
You are here: Home / Archistry Daily / It’s time to put the propeller under glass

February 15, 2020

It’s time to put the propeller under glass

I know I’ve talked about this before – most recently in the “architecture wasteland” email the other day – but based on 3 different conversations I had over the last 2 days with experienced, SABSA-certified architects (including a SABSA Master), I think it’s time to take off the kid gloves and do everything I possibly can to address the issue.

The issue is that far too many people don’t understand what a security architect – and especially an Enterprise Security Architect – is supposed to actually do. It’s far too technically focused in most cases, and, as a result, the people we’re granting the “architect” title to simply aren’t capable of getting past the technical detail and thinking beyond ports, protocols…

…and the propeller-caps they’ve worn for most of their careers.

Having a technology background is an asset for sure. Hell, I still write code on a regular basis, so I’m not standing on the outside of the tent pissing in it by any means.

The difference is whether it’s something you have, and therefore it’s a tool you can use at the right time…

…or whether it’s something you are, and it’s something that defines your view of the world and your solutions to the problems you see.

If your propeller-cap is welded to your head, then that’s great. The world needs you, and I’m glad you’re around.

But don’t make the mistake – or let others make the mistake – of thinking you’re an architect when you’re actually a technologist, a specialist or an engineer.

That’s not being an architect—even if people let you define solutions.

A architect is a generalist. And if you want to be a great one, you really need to be a polymath (or at least aspire to be one).

So since we’re in the home stretch before the deadline for registration in the next cohort of Building Effective Security Architectures closes in 7 days, I’m going to do everything I can to try and grow the community of real architects, and that means I’m going to be sending a lot more emails—possibly more than I’ve ever sent before.

And if this is going to bother you, well, you can do one of two things:

  1. delete them on sight without bothering to open them, or
  2. simply unsubscribe from the list.

But if you want to help, then please feel free to forward any of them to anyone else you believe might get value out of the program. I would really appreciate it (and I know some of you already do, because you’ve told me so in person, so thank you).

Because the program is for people who are proud of their propellers, but who are ready to frame them, put them on the wall, and use that knowledge (and the ability to expand it on demand and as required) as a tool to build better architectures.

We don’t cover things at the detail of specific technical controls except in passing. The ultimate focus of the work we’ll do as a cohort over the 7 weeks of the course is to help you build (or polish) skills for thinking logically, in the appropriate levels of abstraction…

…and within the entire context of the problem you’re trying to solve.

That means that the majority of the program stays within the top 3 layers of the SABSA architecture model: the Contextual, Conceptual and Logical layers. Of course, we talk about the details some too—but that’s relatively the easy bit, and it’s the land of the propeller-heads, so, even if you aren’t up to speed, it’s easy enough to find people who are.

The rare ones…and this implies by the basic laws of economics, the most valuable ones…

…are the architects who can truly do architecture.

And that means they’re the ones who can easily interact and communicate effectively with anyone from the Chairman of the Board to the junior Threat Analyst. Because that’s what it takes to understand the problem you’re trying to solve…

…and ensure that the solution and approach you have in mind is actually going to be viable and practical to implement.

If you haven’t yet put your propeller in a glass frame on the wall or on stand on the mantle – but you’re willing to do it – then maybe this program can open your eyes and show you a whole new, much more influential world where you can make a real difference to the way your organization functions.

If you’re already in the club, then, based on the feedback, comments and observations I get when speaking with clients, colleagues and potential customers, I’m pretty sure at least some of what I’ll teach will be new and beneficial for you too.

But if you’re in neither of those camps, have only a technical view of security, are close-minded about what security architecture may mean…or are unwilling to explore ideas of how to untie your own hands and start making a difference as an individual—despite whatever the rest of the organization may think…

…then I have to wonder why you’re reading this email at all, let alone why you’re still on the list.

Of course, I hope you join the cohort, and if you’re at the mercy of the speed of the bureaucratic machinery – like some of you I’ve spoken to directly – that fortune smiles on you and your approval arrives before Friday.

To do it, here’s the link: https://archistry.com/besa

And remember, next Friday’s deadline is a comin’ round the bend lickety-split.

Stay safe,

ast
—
Andrew S. Townley
Archistry Chief Executive

Article by Andrew Townley / Archistry Daily / Agile Security, BESA, SABSA, Security Architect, Security Architecture Skills

  • Email
  • LinkedIn
  • Twitter
  • YouTube

EMAIL NEWSLETTER

Want to get DAILY email tips on how to build a more effective security program so you can prove your security investments deliver value to the business?

You can always unsubscribe at any time, and we won't sell your data to third parties.

About Us

Archistry works with you to ensure what you want to achieve actually gets done, linking strategy, risk, governance and compliance to enable sustained exceptional performance Read More…

Testimonials

Andrew is a highly skilled and experienced information systems architect and consultant, which in my view is a rare thing. He is innovative in his thinking and merits the title of 'thought leader' in his specialist domains of knowledge—in particular the management of risk. Andrew has embraced SABSA as a framework and, in doing so, has been a significant contributor to extending the SABSA body of knowledge."

— John Sherwood, Chief SABSA Architect

"Fabulous person to work with. Very engaging and insightful. Extremely good technical knowledge with ability to relate concepts together and overcome differing opinions. Makes things work."

— Kevin Howe-Patterson, Chief Architect, Nortel - Wireless Data Services

"Andrew was able to bring clarity and great depth of knowledge to the table. His breadth of thinking and understanding of the business and technical issues along with a clear and effective communication style were of great benefit in moving the process forward towards a successful conclusion."

— Doug Reynolds, Product Manager, MobileAware

"Andrew is a fabulous consultant and presenter that you simply enjoy listening to, as he manages to develop highly sophisticated subjects in very understandable way. His experience is actually surprising and his thoughts leave you without considerable arguments for any doubts in the subjects he covers."

— Biljana Cerin, Director, Information Security and Compliance

Recent Posts

  • If you want better security, you’d better have a better security architecture
  • The ultimate security song to keep you focused on what you’re doing
  • Security heroes
  • There’s always a people problem
  • Putting your data flow diagrams out to pasture…for good

Looking for something else?

  • Home
  • About
  • Contact

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Copyright © 2006-2025 Archistry Incorporated or its affiliates

"Archistry", the stained glass window logo, "Pragmantix" and the Pragmantix™ logo, "Archistry Execution Framework (AEF)", "Archistry Execution Framework, Cybersecurity Edition (ACS)", "The Agile Security System", "The Agile Business System", "Baseline Perspectives", "Architecture Wall", "Archistry Execution Engine", "Renegade Security", "Renegade Security System", "Security Value Delivery System (SVDS)" "Collapse-to-Traction", "Collapse-to-Traction System", "Adaptive Trust & Governance Model (ATGM)", and "Adaptive Trust & Governance Model for Organizations (ATGM4O)" are trademarks of Archistry Incorporated or its affiliates.