CSC Security Stack: An Integrated Security Service
Author: Carlos Solari, Dean Weber, Victor Harrison
The CSC Security Stack white paper lifts the fog of complexity with regards to the cybersecurity challenges businesses and governments face. CSC subject matter experts collaborated on a straightforward means both to visualize the intricacy of cybersecurity challenges and to see through to comprehensive, effective integrate security service solutions.
The authors use the term "stack" strictly as analogous to other well accepted stacks (e.g., the OSI model) where layers deliver integrated security services and exchange information to achieve a higher level service. The notion of a "security stack" serves the proposition that security must be an integrated set of services. The paper defines each layer, offers examples of enabling technologies, related standards, and types of professional security services that implement the enabling technologies. It also notes where adequate enabling technologies or standards still need to be developed, or where policies need to be set and implemented to allow information to be exchanged between layers fast enough to keep up with the speed of cybersecurity challenges and emerging threats.