Podcast: The Cyber Defense Matrix

April 21, 2021
by
Sounil Yu

 

In 2020, Security Magazine listed Sounil Yu as one of the most Influential People in Security, in part because of his work on the Cyber Defense Matrix, a framework for understanding and navigating your cybersecurity environments. The Cyber Defense Matrix  started as a project when Sounil was the Chief Security Scientist at Bank of America. The initial problem he focused on with the matrix was how to evaluate and categorize vendors and the solutions they provided. 

The Cyber Defense Matrix is a structured framework that allows a company to understand who their vendors are, what they do, how they work along side one another, what problem they profess to solve, and ultimately to find gaps in the company's portfolio of capabilities. In the seven years Sounil has been working on the project, he has developed use cases that make the Cyber Defense Matrix practical for purposes such as rationalizing technology purchases, defining metrics and measurements, and identifying control gaps and opportunities. The matrix has been adopted by the OWASP Foundation as a community project. Elements of the matrix have been incorporated into the Center for Internet Security's (CIS) Top 20 Critical Security Controls

I talked with Sounil to hear how the project was going, what his plans are for the future of the matrix, and what help he can use from the community for expanding its usefulness. 

About Sounil Yu

Before Sounil Yu joined JupiterOne as CISO and Head of Research, he was the CISO-in-Residence for YL Ventures, where he worked closely with aspiring entrepreneurs to validate their startup ideas and develop approaches for hard problems in cybersecurity. Prior to that role, Yu served at Bank of America as their Chief Security Scientist and at Booz Allen Hamilton where he helped improve security at several Fortune 100 companies and government agencies.

Resources

 

 

People | Process | Technology Podcast · The Cyber D

Sounil Yu
Sounil Yu

Before Sounil Yu joined JupiterOne as CISO and Head of Research, he was the CISO-in-Residence for YL Ventures, where he worked closely with aspiring entrepreneurs to validate their startup ideas and develop approaches for hard problems in cybersecurity. Prior to that role, Yu served at Bank of America as their Chief Security Scientist and at Booz Allen Hamilton where he helped improve security at several Fortune 100 companies and government agencies.

More blog posts by
Sounil Yu

SUBSCRIBE TO OUR NEWSLETTER

Stay up-to-date on emerging threats and security news

  • Checkmark
    Day-zero vulnerabilities & solutions
  • Checkmark
    Best practices for asset management
  • Checkmark
    Streamlining compliance and audit
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Keep Reading

5 Cybersecurity risk assessments to secure digital assets | JupiterOne
March 20, 2025
Blog
5 Cybersecurity risk assessment frameworks to secure digital assets

Discover 5 essential cybersecurity risk assessment frameworks to protect your digital assets. Learn their benefits, key features, and how to choose the right one

Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights | JupiterOne
March 5, 2025
Blog
Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights

The new Widget Editor delivers a more intuitive experience. Edit widgets in place, declutter your workspace, and get insights faster.

Streamlining Workflows with JupiterOne and Jira Cloud | JupiterOne
February 27, 2025
Blog
Streamlining Workflows with JupiterOne and Jira Cloud

Streamline security with JupiterOne and Jira. Automate issues, enhance collaboration, and track risks to boost efficiency and response times.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.