From Sounil Yu, a security innovator with a deep knowledge of computer systems and a career spanning more than three decades as an executive leader of information technology and security tackling cybersecurity challenges in the federal government, military, and private sector. Currently, he is the CISO and Head of Research at JupiterOne, a cloud-native asset management and security platform.
His new book, Cyber Defense Matrix, helps practitioners, vendors, and investors understand the range of capabilities needed to build, manage, and operate a security program. The simple, logical construct of the Matrix organizes technologies, skillsets, and processes to help readers quickly discern what capabilities solve what problems, what gaps exist in one’s security program, and where there are opportunities for new capabilities to be created. Although the Cyber Defense Matrix was initially designed to help organize security technologies, many other use cases have been discovered to help build, manage, and operate a security program. This book captures these use cases and their implementations to help readers navigate the complex landscape of cybersecurity.

“Cybersecurity is the most challenging intellectual profession on the planet; however you approach it, your methods, your process has to be reliably stable (and straightforward) in the face of technologic ferment and sentient opponents. Start here.” - Dan Geer, CISO at In-Q-Tel

“With Sounil Yu’s Cyber Defense Matrix, not only does this tool have a blunt end and a sharp end (for very high-level strategic discussions as well as nit-picky dissections of technical functionality), but it can telescope to different dimensions to encompass who owns a function or asset, who is responsible for handoffs in a process flow, and where risks have externalities.” - Wendy Nather, Head of Advisor CISOs, Cisco

“Cybersecurity has become too complex — chaotic even. The Cyber Defense Matrix helps break through the noise, offering a clear understanding of how our assets relate to one another and reinforcing our ability to gain deeper structural and situational awareness.” - Erkang Zheng, Founder and CEO of JupiterOne

“The Cyber Defense Matrix is an important strategic tool to help CISOs implement a high confidence security program.” - Bryan Ware, former Assistant Director for Cybersecurity at DHS CISA

“The Cyber Defense Matrix is the first comprehensive security framework that actually works. Having applied the matrix for years since hearing about it from Sounil, it is the only one that hasn’t gotten overly complicated with use. I highly recommend it to anyone (practitioners, entrepreneurs, investors) as a way to rationalize the exponential growth in security innovation.” - Will Lin, Managing Director and Founding Member at Forgepoint Capital

“The Cyber Defense Matrix has become an indispensable part of my journalism toolkit. It’s a perfect framework to help cut through vendor hype to determine product and technology usefulness.” - Ryan Naraine, Editor-at-Large, SecurityWeek, host of Security Conversations podcast

“I liken the Cyber Defense Matrix to the periodic table of security. It defines and explains how security program elements work together. It should become the standard for security communications - particularly when rationalizing our efforts to security outsiders who see security as a cryptic black hole or bottomless money pit with questionable ROI.” - Richard Seiersen, author of How to Measure Anything in Cybersecurity Risk and the Metrics Manifesto

“Free your mind! Red/Blue/Purple pill… SEE the Matrix; transcend the noise, unlock critical thinking & progress. Sounil’s Rosetta Stone is ONLY the beginning.” - Josh Corman, Cyber [Strategist Philosopher Educator Provocateur Policy Catalyst Futurist]
Sounil does a wonderful job at filling in the gaps left behind by the constantly moving and evolving industry that is cybersecurity. Is the security posture of the organization I am a part of so bad that I am extremely susceptible to business-ending risks? What if solving for some of those risks put our business inherently at risk because they impede our developers from making changes at a fast enough pace?
So much to know and so little time to think. Never fear, the Cyber Defense Matrix to the rescue! If you are interested in a framework that is easy to digest and persistent on providing you and your business clarity on how to navigate the complex landscape of cybersecurity, don't hesitate to pick this up.
From a survey of some 1200 security decision makers in 2021, Panaseer estimated that the average number of security tools deployed in big enterprises is approximately 76. That's a big number to manage. Compare it to the early internet days (1990s), when we all just had three tools (firewalls, anti-virus, and intrusion detection), and the inherent complexity of that constant growth is startling. In today's security vendor climate, most tools are platforms that can perform all sorts of functions and I'd wager a hundred dollars of my own money that many of those 76 tools have overlapping features. The impact is that security practitioners may pay x dollars for tool A and y dollars for tool B when one tool might suffice. If there were some way we could analyze our deployed tool set to eliminate this inefficiency in terms of cost and functionality, we could reduce the cost of ownership for our infosec programs in terms of budget and technical debt. This is where Sounil Yu's book, "Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape", comes into play.
Full disclosure, Sounil is an old friend of mine and I've had the pleasure of discussing this topic with him over the years as he has developed it. I met him when he was the Chief Security Scientist at Bank of America (as of this writing, he is the CISO at JupiterOne). Bank of America is the kind of organization that would have at least 76 security tools deployed, if not many more, and one of Sounil's jobs was to recommend new cybersecurity technologies. But he found the task of deciphering what tool A and tool B did by reading vendor product marketing documentation to be almost impossible. Vendors claim that their products do everything better than their competitors, including whatever the latest favored buzzword is, like zero trust, artificial intelligence, etc. Sounil said, "I was staring at this mess of buzzwords that don't really make any sense and trying to decipher what we actually needed." He needed a way to evaluate each deployed and potential product.
Sounil's Cyber Defense Matrix is a scaffolding to assess security tools in conjunction with the NIST Cybersecurity Framework. It's a methodology to categorize each deployed tool into one of five buckets: Identify, Protect, Detect, Respond, and Recover. You can use the matrix to visualize where you have tool overlap and where you have tactical deployment gaps while pursuing your overall infosec strategy. When you have tool overlap, you can reduce the cost of your infosec program and not raise the probability of material impact to your organization due to a cyber attack. When you identify deployment gaps, you can assess how much you might buy down risk if you fill that gap.
Sounil rotates around the NIST Cybersecurity Framework as the strategy. I could argue that the Framework is not really a strategy at all. It's more of a maturity model or checklist, but hey, if that's what you have built your infosec program on, you can use the Cyber Defense Matrix to eliminate waste and perhaps get more coverage. If you don't like the NIST Cybersecurity Framework, pick your own. If you're more of a first-principles aficionado and are pursuing zero trust, intrusion kill chain prevention, and/or resilience as your strategy, Sounil's Matrix can help you regardless of your choice.
Admittedly, I don't see Sounil's matrix being of much use to startups, small, and even some medium-sized organizations. Those teams don't have the same collection of tools that a Bank of America might have. That's why I'm not recommending this book for the Cybersecurity Canon Hall of Fame. It doesn't apply to every cybersecurity practitioner. Still, as your organization grows and the number of your security tools creeps up to a value that is too hard to keep track of in your head, Sounil's Cyber Defense Matrix can make your job easier.
There were some great ideas in this book, but implementation guidelines and usefulness in very large organizations weren’t clear. Seems very applicable to smaller companies and startups, though.