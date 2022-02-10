MORRISVILLE, N.C., Feb. 10, 2022 /PRNewswire/ -- JupiterOne , the industry's leading cyber asset attack surface management (CAASM) solutions provider, today announced that Sounil Yu, the company's CISO and Head of Research, has released a book titled Cyber Defense Matrix by JupiterOne Press.

Yu is scheduled to give the keynote address about the Cyber Defense Matrix at the Right of Boom Summit in Tampa, Florida, on Friday, Feb. 11. He will also discuss the book during an upcoming episode of the Cyber Therapy talk show on Tuesday, Feb. 15, and a JupiterOne webinar on Wednesday, Feb. 23 . Yu will also sign copies at this year's RSA Conference in San Francisco, where he'll elaborate on new use cases in his sessions , Cyber Defense Matrix: Revolutions and Cyber Defense Matrix Learning Lab.

As a security leader, he has worked on the front lines of cybersecurity challenges for more than three decades on behalf of the federal government, military, and private sector. His new book aims to help practitioners, vendors, and investors understand the range of capabilities they need to build, manage, and operate a security program.

Featuring forewords by industry luminaries and security pioneers Dan Geer and Wendy Nather, the book is designed to help readers reflect on their organizational approach to security, their goals, challenges, and aspirations, what moves their security priorities forward and brings them further clarity, and how they can reimagine cybersecurity for their organization.

In writing his book, Yu shared his journey in creating a logical construct for others to discover and understand their cybersecurity landscape. With the Cyber Defense Matrix, he provides readers the encouragement and guidance to organize technologies, skill sets, and processes to discern what capabilities solve what problems, what gaps exist in one's security program, and where there are opportunities for new capabilities to be created.

Simple in form and easy to grasp, the Cyber Defense Matrix helps deepen one's understanding of the cybersecurity landscape. The matrix plots the five distinct functions of the NIST Cybersecurity Framework (IDENTIFY, PROTECT, DETECT, RESPOND, and RECOVER) against the five classes of assets in need of defense (DEVICES, NETWORKS, APPLICATIONS, DATA, and USERS) to provide a high-level overview of the entire cybersecurity environment.

Although the Cyber Defense Matrix was initially designed to help organize security technologies, many other use cases have been discovered to help build, manage, and operate a security program. This book captures those other use cases and their implementations to help readers navigate the ever-changing landscape of cybersecurity.

"Cybersecurity has become too complex — chaotic even," said Erkang Zheng, founder, and CEO of JupiterOne. "The Cyber Defense Matrix helps break through the noise, offering a clear understanding of how our assets relate to one another and reinforcing our ability to gain deeper structural and situational awareness."

The matrix can help cybersecurity professionals identify gaps in security controls, prioritize investments, develop a roadmap, understand organizational responsibilities and handoffs, and inform conversations with executive leadership. For solution providers, it can highlight promising areas for new product development. Finally, for investors, it offers a way to discover problems that have yet to be addressed through a commercial product and understand a prospective company's market opportunity and potential.

Before joining JupiterOne, Yu previously served as the CISO-in-Residence at YL Ventures and Chief Security Scientist at Bank of America. Before Bank of America, he managed information security at several Fortune 100 companies and federal government agencies. He has over 20 patents and was recognized as one of the most influential people in security in 2020 by Security Magazine, Influencer of the Year in 2021 by SC Awards, and a 2021 Top 10 CISO by Black Unicorn Awards.

About JupiterOne

JupiterOne is a cyber asset attack surface management (CAASM) solutions company, providing visibility and security into your entire cyber asset universe. Using graphs and relationships, JupiterOne provides a contextual knowledge base for an organization's cyber asset operations. With JupiterOne , teams can discover, monitor, understand, and act on changes in their digital environments. Cloud resources, ephemeral devices, identities, access rights, code, pull requests, and much more are collected, graphed, and monitored automatically by JupiterOne.

