In-person ESA events in Sydney (2nd March) & Melbourne (5th March). Explore how automating an ESA Framework transforms security from a resource-constrained control function into a scalable, business-enabling capability
Insights & Resources
News
Enabling Innovation: Automating Enterprise Security Architecture to Accelerate Business Agility – Sydney & Melbourne March 2026
Architecting Secure & Responsible AI Webinar: Agentic AI – 5 March 2026
The first instalment of our quarterly webinars on Secure & Responsible AI - Agentic AI. Learn how Large Language Models are evolving into the next wave of AI Agents—and why this shift is reshaping the future of software, business, and the web itself.
ISACA Melbourne SAWG – Turning SABSA Theory into Executive Decisions: An Interactive Role-Play Workshop 19 February 2026
A demonstration of a live discovery with a CEO and CISO, translating business objectives and constraints into a SABSA-aligned attributes-driven security architecture with clear traceability from business requirements to architectural outcomes and investment decisions.
ISACA Canberra Conference, 7 November 2025
Chief Architect Dr. Malcolm Shore will present on Applying SABSA to Secure AI Business Value at the ISACA Canberra 2025 Conference on 7th November.
Insights
Architecting Agentic AI Semantic Conventions
By projecting the semantic conventions of Agentic AI, a layered architecture can be easily developed, and by mapping this to the SABSA Governance Framework an Agentic AI Governance model emerges.
AI Readiness Assessment
Take a strategic look at your ability to adopt and benefit from AI deployment and provide key insights into the organisational capability and understanding of what is required to effectively manage AI with our free online AI Readiness Self-Assessment.
Architecting Information for AI
The recent emergence of AI into the consumer, business, and government space has introduced not just new demands on access to data, but a whole new industry around data science in order to build AI models that can reason using plain language. As architects we must ensure that whatever emerges from data science architected and aligned with business requirements in order to contribute value.
Enabling Australian Business to Adopt ASD ACSC’s Modern Defensible Architecture
Empower and support your organisation to deliver not just the ASD ACSC's Modern Defensible Architecture (MDA) itself but the critical artefacts and principles recommended to achieve the MDA in reality by leveraging Enterprise Security Architecture Principles.
Resources
Responsible AI Reference Architecture
To be effective, the deployment of AI in enterprises needs to be carried out in a responsible manner, ensuring safety for users and the business, and security of the models and datasets. An AI Reference Architecture can identify and categorise the services required for a safe and secure environment for AI.
Enterprise Security Architecture (ESA) Principles
An explanation of SABSA®’s Principles for Enterprise Security Architecture, revealing the most common client mistakes we encounter, and demonstrating how we at David Lynas Consulting use ESA Principles.
W100 – The SABSA White Paper
An executive summary of the SABSA Method, it’s tools, techniques and concepts. White Paper from The SABSA Institute.
W103 – SABSA Responsibility Assignment Modelling
An introduction to SABSA Responsibility Assignment Modelling and the abstract and conceptual views of stakeholders’ roles and responsibilities.
Video
AI Security Architecture
Join Dr. Malcolm Shore discusses AI Security Architecture. Learn how to architect security solutions to manage the risk from cyber attacks and AI malfunctioning.
The Business of Risk
How can we make The Business of Risk meaningful, credible, and clearly understood? How do we provide accurate Risk Context for decision-making that balances the likelihood of loss with the possibility of gain?
SABSA’s Integrated Controls Library
Explorie how the Integrated Controls Library (ICL), a centralized repository for information about an organization’s approved security controls and associated meta-data, plays a critical role in fully realizing an enterprise security architecture’s full range of benefits.