I recently published new research — Establish An Enterprise And Security Architecture Partnership To Improve Collaboration — covering the importance of fostering partnership between enterprise architecture (EA) and security architecture (SA). Initially, I set out to uncover what friction existed between the two functions. As research progressed, however, I soon discovered that the “friction” that may or may not exist between the two is actually the outcome of a more pressing concern. Thanks to informative interviews, investigative research, and constructive conversations with my colleagues, Charlie Betz and Allie Mellen, we concluded that the problem isn’t how the two functions interact but is rather the organization’s perception of the value that the collaboration between the two brings.

So instead of telling a tired tale of why two functions in IT and security butt heads, this research aims to bring awareness to the value that they deliver as it relates to a holistic architecture for supporting and enabling a business’s ability to provide value-based outcomes. That being said, I wanted to highlight the benefits that EA and SA bring:

  • EA teams navigate complex org structures as business and technical advisors to develop an architectural blueprint that fosters modernization efforts, cost reductions, and an improved customer/employee experience to enable growth.
  • SA teams act as the proverbial “safety” feature on the fast-moving car of innovation and digital transformation. They standardize security policies and incorporate proactive and reactive controls throughout the architecture to protect the organization and its assets.

None of this is a surprise to those involved with either of the two functions. As the speed and scale of today’s technological advancements continue to outpace our ability to adapt and defend, however, the need for joint, collaborative work between EA and SA grows.

Organizations that only have EA but no real SA will look to ensure that they can support continued modernization. Furthermore, EA and SA collaboration will go a long way to protecting the trust that organizations hold with their customers and stakeholders.

We identified three core areas where an EA and SA partnership matters most:

  1. Planning and design. Ensure that projects remain on the right path. Both EA and SA must be viewed as valued partners throughout the planning and design phase of any technology, process, or architectural change.
  2. Technology and processes. Establish the appropriateness of technologies and processes that are planned for or actively being implemented. Uniformity around people, process, and technology brings a greater chance of success.
  3. Implementation and evaluation. Prevent time and resource loss by leveraging a collaborative validation process between EA and SA to reduce overlapping or outright unnecessary solutions that don’t aid in achieving value-based outcomes.

Forrester clients can view the full report here or can request an inquiry or guidance session with me here.