Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape

From Sounil Yu, a security innovator with a deep knowledge of computer systems and a career spanning more than three decades as an executive leader of information technology and security tackling cybersecurity challenges in the federal government, military, and private sector. Currently, he is the CISO and Head of Research at JupiterOne, a cloud-native asset management and security platform.

Overview:
His new book, Cyber Defense Matrix, helps practitioners, vendors, and investors understand the range of capabilities needed to build, manage, and operate a security program. The simple, logical construct of the Matrix organizes technologies, skillsets, and processes to help readers quickly discern what capabilities solve what problems, what gaps exist in one’s security program, and where there are opportunities for new capabilities to be created. Although the Cyber Defense Matrix was initially designed to help organize security technologies, many other use cases have been discovered to help build, manage, and operate a security program. This book captures these use cases and their implementations to help readers navigate the complex landscape of cybersecurity.
“Cybersecurity is the most challenging intellectual profession on the planet; however you approach it, your methods, your process has to be reliably stable (and straightforward) in the face of technologic ferment and sentient opponents. Start here.” - Dan Geer, CISO at In-Q-Tel
“With Sounil Yu’s Cyber Defense Matrix, not only does this tool have a blunt end and a sharp end (for very high-level strategic discussions as well as nit-picky dissections of technical functionality), but it can telescope to different dimensions to encompass who owns a function or asset, who is responsible for handoffs in a process flow, and where risks have externalities.” - Wendy Nather, Head of Advisor CISOs, Cisco
“Cybersecurity has become too complex — chaotic even. The Cyber Defense Matrix helps break through the noise, offering a clear understanding of how our assets relate to one another and reinforcing our ability to gain deeper structural and situational awareness.” - Erkang Zheng, Founder and CEO of JupiterOne
“The Cyber Defense Matrix is an important strategic tool to help CISOs implement a high confidence security program.” - Bryan Ware, former Assistant Director for Cybersecurity at DHS CISA
“The Cyber Defense Matrix is the first comprehensive security framework that actually works. Having applied the matrix for years since hearing about it from Sounil, it is the only one that hasn’t gotten overly complicated with use. I highly recommend it to anyone (practitioners, entrepreneurs, investors) as a way to rationalize the exponential growth in security innovation.” - Will Lin, Managing Director and Founding Member at Forgepoint Capital
“The Cyber Defense Matrix has become an indispensable part of my journalism toolkit. It’s a perfect framework to help cut through vendor hype to determine product and technology usefulness.” - Ryan Naraine, Editor-at-Large, SecurityWeek, host of Security Conversations podcast
“I liken the Cyber Defense Matrix to the periodic table of security. It defines and explains how security program elements work together. It should become the standard for security communications - particularly when rationalizing our efforts to security outsiders who see security as a cryptic black hole or bottomless money pit with questionable ROI.” - Richard Seiersen, author of How to Measure Anything in Cybersecurity Risk and the Metrics Manifesto
“Free your mind! Red/Blue/Purple pill… SEE the Matrix; transcend the noise, unlock critical thinking & progress. Sounil’s Rosetta Stone is ONLY the beginning.” - Josh Corman, Cyber [Strategist Philosopher Educator Provocateur Policy Catalyst Futurist]