Enterprise Architecture Frameworks Assessment: Capabilities, Cyber Security and Resiliency Review
Title | Enterprise Architecture Frameworks Assessment: Capabilities, Cyber Security and Resiliency Review |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Al-Turkistani, Hilalah F., Aldobaian, Samar, Latif, Rabia |
Conference Name | 2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA) |
Keywords | Buildings, capabilities, Companies, Complexity theory, Computer crime, cyber security requirement, cybersecurity, Data analysis, Enterprise Architecture, information technology, NIST, pubcrawl, Resiliency, resilient, Resilient Security Architectures, security architecture framework |
Abstract | Recent technological advancement demands organizations to have measures in place to manage their Information Technology (IT) systems. Enterprise Architecture Frameworks (EAF) offer companies an efficient technique to manage their IT systems aligning their business requirements with effective solutions. As a result, experts have developed multiple EAF's such as TOGAF, Zachman, MoDAF, DoDAF, SABSA to help organizations to achieve their objectives by reducing the costs and complexity. These frameworks however, concentrate mostly on business needs lacking holistic enterprise-wide security practices, which may cause enterprises to be exposed for significant security risks resulting financial loss. This study focuses on evaluating business capabilities in TOGAF, NIST, COBIT, MoDAF, DoDAF, SABSA, and Zachman, and identify essential security requirements in TOGAF, SABSA and COBIT19 frameworks by comparing their resiliency processes, which helps organization to easily select applicable framework. The study shows that; besides business requirements, EAF need to include precise cybersecurity guidelines aligning EA business strategies. Enterprises now need to focus more on building resilient approach, which is beyond of protection, detection and prevention. Now enterprises should be ready to withstand against the cyber-attacks applying relevant cyber resiliency approach improving the way of dealing with impacts of cybersecurity risks. |
DOI | 10.1109/CAIDA51941.2021.9425343 |
Citation Key | al-turkistani_enterprise_2021 |