Welcome to the Institute's Technical Departments
ISAUnited is a Standards Development Organization (SDO) built on working technical departments that turn practice into proof. Each department convenes practitioners, task groups, and fellows to shape requirements, technical specifications, verification, validation, and evidence that strengthen the Defensible 10 Standards Project (D10S). Together, these departments create a disciplined pipeline from research and real-world failure patterns to published standards that can be applied, tested, and demonstrated across enterprise environments.
Cybersecurity Architecture Department
The Architecture Department defines how secure enterprise systems should be structured before they are built. Members design architecture models, map security requirements to system structures, and lead design reviews that drive consistency across domains. This work aligns with the Defensible 10 Standards by turning architectural intent into measurable security outcomes, traceable decisions, and repeatable patterns that scale across components, systems, and systems of systems.
Spotlights:
-
Build multi-layered architecture models and control placement guidance
-
Drive risk assessment and mitigation strategies as an architecture discipline
-
Translate emerging technology risk into forward-looking architecture decisions
Cybersecurity Engineering Department
The Engineering Department turns architecture decisions into implemented, maintained, and defensible controls across real platforms. Members develop engineering methods, integrate security tooling into operational environments, and document outcomes to verify and repeat them. This department strengthens the Defensible 10 Standards by grounding standards language in 'build' reality, operational constraints, and evidence that a control works as designed.
Spotlights:
-
Build competence in tools and technologies, configuration, and integration
-
Apply systematic operational problem-solving and root cause discipline
-
Produce clear documentation and reporting that supports verification and evidence
Security by Design Department
The Security by Design Department ensures security is engineered into products and platforms from the earliest design decisions through release and sustained maintenance. Members define security requirements early, lead threat modeling and risk assessment, and establish security testing expectations throughout development. This department strengthens the Defensible 10 Standards by ensuring standards are implementable inside delivery workflows, with clear acceptance criteria and repeatable evidence across teams.
Spotlights:
-
Establish Secure Development Life Cycle practices and security gates
-
Lead threat modeling, risk prioritization, and mitigation planning
-
Build security culture through training, guidance, and cross-team communication
Applied Cyber Sciences Department
The Applied Cyber Sciences Department advances research and scientific rigor that validates what works, what fails, and why. Located within the Technical Research Center, it transforms real-world threat data, simulation, and validation into defensible guidance that informs standards and engineering decisions. This department strengthens the Defensible 10 Standards by supplying evidence, test methods, and research outputs that raise standards from guidance to demonstrated performance.
Spotlights:
-
Produce evidence-based cyber threat intelligence and adversary emulation
-
Translate threat insights into actionable defensive outcomes
-
Validate standards through research, simulation, and repeatable tests
Cybercrime Department (Coming Soon 2026)
The Cybercrime Department will sharpen architecture and engineering decisions by grounding them in criminal tradecraft, investigative realities, and legal context. It will fuse cybercriminal intelligence, digital forensics, and United States cyber law insights to improve how systems are designed, instrumented, and defended. This department strengthens the Defensible 10 Standards by aligning requirements and evidence expectations with how incidents are investigated, attributed, and prosecuted.
Library
Publications
ISAU Library is your platform for the latest in security architecture design and practice. This core collection covers all technical areas of security architecture. ISAU’s Library includes:
Foundational and Technical Standards
E-books
Journals
Manuals and Reports
and more.
ISAU continues to respond to practitioners’ needs for reliable professional tools. We will continue to share updates on our standards transformation.
Join our community today!