As the transformation to hybrid multicloud accelerates, businesses require a structured approach to securing their workloads. Adopting zero trust principles demands a systematic set of practices to deliver secure solutions. Regulated businesses, in particular, demand rigor in the architectural process to ensure the effectiveness of security controls and continued protection.

This book provides the first comprehensive method for hybrid multicloud security, integrating proven architectural techniques to deliver a comprehensive end-to-end security method with compliance, threat modeling, and zero trust practices. This method ensures repeatability and consistency in the development of secure solution architectures.

Architects will learn how to effectively identify threats and implement countermeasures through a combination of techniques, work products, and a demonstrative case study to reinforce learning. You'll examine:

• The importance of developing a solution architecture that integrates security for clear communication
• Roles that security architects perform and how the techniques relate to nonsecurity subject matter experts
• How security solution architecture is related to design thinking, enterprise security architecture, and engineering
• How architects can integrate security into a solution architecture for applications and infrastructure using a consistent end-to-end set of practices
• How to apply architectural thinking to the development of new security solutions

  About the authors

  Mark Buckwell is a cloud security architect at IBM with 30 years of information security experience.

  Carsten Horst with more than 20 years of experience in Cybersecurity is a certified security architect and Associate Partner at IBM.

  Stefaan Van daele has 25 years experience in Cybersecurity and is a Level 3 certified security architect at IBM.