Banking industry have increased dependency upon technology solution that enables their financialrnproducts and services but the convergence of technology renders to increasingly vulnerable tornmalicious attacks. As such, the need to ensure information infrastructure protection of the bankingrnindustry is a must and hence designing security architecture ought to be seen as a good manner.rnMulti-tiered security architecture is a term which has different security technologies andrnmeasures to protect against different vectors of attacks. The main objective of the thesis is torninvestigate and design a multi-tiered security architecture towards information infrastructurernprotection. To achieve the main objective, itâ€Ÿs imperative to identify factors affectingrninformation infrastructure protection. Therefore, a security architecture consisting three mainrnthemes: communication network, associated softwareâ€Ÿs and delivered services was used tornidentify current practice in information infrastructure protection of the bank.rnDesign science research methodology was employed to approach the design andrndevelopment of the architecture following Peffer et al. (2007) process model. The design andrndevelopment of the architecture passed through several stages, initially factors affectingrninformation infrastructure protection were identified using the quantitative, qualitative,rnobservation and network traffic analysis tool, and then these were used as design inputs.rnThere were multiple brainstorming sessions for the design enhancement as participativernmodeling was the overall approach for the architecture design. Given the difference in scopernand magnitude of the challenges identified in the study, the proposed architecturernapproaches information infrastructure protection through continuous improvement.rnThe architecture was finally evaluated in terms of componentâ€Ÿs completeness,rncomprehensiveness and fitness to the organization through an evaluationrnquestionnaire and expert interview, accordingly, the developed architecture hasrncapable to protect information infrastructure of the organization.