Security Architecture
Welcome to Security Architecture
We are dedicated to exploring the world of cybersecurity architecture. This community is a hub for professionals, enthusiasts, and learners who are passionate about designing robust and resilient security solutions to protect digital assets.
Here, you can expect to find a wide range of content including:
- Discussions and Advice
- Share Useful Resources
- Case Studies and Success Stories
- News and Updates
- Tools and Technologies
- Learning Resources
- Career and Professional Development
Whether you're a seasoned cybersecurity architect, an aspiring professional, or someone who simply wants to understand the intricacies of cybersecurity architecture, this community provides a platform to share knowledge, exchange ideas, and engage in discussions related to this evolving field.
We emphasize a supportive and inclusive environment where everyone can contribute their unique perspectives and experiences. We encourage respectful discussions, collaboration, and the sharing of valuable resources to foster a vibrant and knowledgeable community.
Rules:
- No bigotry: Including racism, sexism, homophobia, transphobia, or xenophobia.
- Be respectful. Everyone should feel welcome here.
- No NSFW content.
- No Ads / Spamming.
- No Sales posts or solicitation
- All other instance rules apply
view the rest of the comments
I'm an IT risk manager of a small bank. I have a risk log which is in part based on threats for most of the security risks. It's updated yearly through a risk and control self assessment (although I do more work on the "self" assessment than IT does) or when major changes happen.
I think this is what most people do but as I mentioned on another comment, it was suggested to me to do threat models instead or as an addition (I forgot which way the person pitched it to me). So naturally, I was curious to see if anyone else actually did that as it seems like this would be a significant effort.