The ROI of Security Architecture

More and more organisations are advertising for Security Architects and Enterprise Security Architects. Role descriptions for these positions are getting more specific and certifications like SABSA are requested by organisations seeking applicants. It appears that there is a greater demand for security architects and their outputs. But, what is the business value of a security architecture capability? What return on investment (ROI) does a good enterprise security architect can provide? Do organisations have to take a leap of faith when building up such a capability?

In this session we will discuss and share ideas around quantifying the business value of security architecture. How do we sell security architecture to an organisation and can hold ourselves, as security architects, accountable for the results? Are there any good metrics we can define to clearly demonstrate the business value of a security architecture? How does security architecture compare to other capabilities in an organisation? 

Please join us for a lively discussion, if this topic is of interest to you.