Sounil Yu

Reston, Virginia, United States
10K followers 500+ connections

About

I am an author, speaker, advisor, and board member in the cybersecurity field. I created…

Experience

  • Knostic

    Washington, District of Columbia, United States

Education


    Activities and Societies: Alpha Phi Omega

Volunteer Experience

  • Volunteer

    Project N95

    2 years 3 months

    Health

    A non-profit group of volunteers focused on getting PPE and medical equipment into the hands of healthcare providers.

  • Conference Co-Chair

    Art into Science: A Conference on Defense

    Present (7 years 5 months)

    Science and Technology

    https://www.artintoscience.com/. Art into Science is a conference on defense, organized by defenders. This conference is intended to create a professional discipline through discussions that mature our practices and share our methodologies in a systematic and consistent way.

  • Board Member

    FAIR Institute

    Present (8 years 3 months)

    Science and Technology

    The FAIR Institute is dedicated to sharing and advancing the FAIR standard for measuring and managing information risk.

  • OpenC2 Standards Committee Co-Chair

    OASIS

    1 year 9 months

    Science and Technology

    OpenC2 fulfills an important need by providing a standardized command and control language that will enable easier operational integration of cybersecurity capabilities and products. This in turn supports an integrated and adaptive defense that can be executed in machine time.

  • Industry Advisory Board Co-Chair

    Center for Cybersecurity Analytics and Automation

    5 years 4 months

    Science and Technology

    The mission of the Center for Cybersecurity Analytics and Automation (CCAA) is to bring together interdisciplinary academic researchers and industry partners to advance the science and state-of-the-art for security analytics and automation.

Licenses & Certifications

  • Certified Information Systems Security Professional (CISSP)

    (ISC)²

    Credential ID 22263
  • GIAC Certified Forensics Analyst (GCFA)

    SANS Institute

  • GIAC Certified Penetration Tester (GPEN)

    SANS Institute


Publications

  • Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape

    JupiterOne Press

    The Cyber Defense Matrix helps practitioners, vendors, and investors understand the range of capabilities needed to build, manage, and operate a security program. The simple, logical construct of the Matrix organizes technologies, skillsets, and processes to help readers quickly discern what capabilities solve what problems, what gaps exist in one’s security program, and where there are opportunities for new capabilities to be created. Although the Cyber Defense Matrix was initially designed to help organize security technologies, many other use cases have been discovered to help build, manage, and operate a security program. This book captures these use cases and their implementations to help readers navigate the complex landscape of cybersecurity.

  • Security Chaos Engineering (Contributor)

    O'Reilly Media

    Information security is broken. Users and customers continually entrust companies with vital information, and companies continually fail to maintain that trust. Year after year, the same attacks are successful. But the impact has become greater. Those who build, operate, and defend systems need to acknowledge that failure will happen. People will click on the wrong thing. The security implications of code changes won't be clear. Things will break.

    This report explains how engineers can navigate security in this new frontier. You'll learn the guiding principles of security chaos engineering for harnessing experimentation and failure as tools for empowerment—and you'll understand how to transform security from a gatekeeper to a valued advisor. Case studies from Capital One and Cardinal Health are included.
    - Apply chaos engineering and resilience engineering to securely deliver software and services
    - Transform security into an innovative and collaborative engine for enhancing operational speed and stability
    - Anticipate and identify security failure before it turns into an incident, outage, or breach
    - Harness failure to continuously improve your security strategy
    - Learn your systems' ability to handle security-relevant failures such as system exploitation and server failures
    - Apply a series of controlled experiments in engineering testing processes

  • Practical Guide to Security in the AWS Cloud

    SANS Institute

    This book is a collection of knowledge from 18 contributing authors who share their tactics, techniques, and procedures for securely operating in the cloud. Each of the 27 chapters introduces a component of a bigger picture that, once put together, creates a holistic approach for your organization's security operations in the cloud.

  • Lessons Learned in Automated Decision Making / How to Delay Building Skynet

    RSA Conference

    There is much talk of topics like artificial intelligence, machine learning, and automation within the security industry. We are led to believe that these capabilities will revolutionize our security practices. However, we need to be conscious of the limits of these capabilities before we entrust them with matters of importance. To understand the limits, we need to understand what each of these capabilities really means and how they fit together. Unfortunately, most people combine these capabilities and use the terms almost interchangeably. Doing so is dangerous and can create unintended consequences.

  • The Cyber Defense Matrix Reloaded

    RSA Conference

    This is an update to the Cyber Defense Matrix briefing given at the 2019 RSA Conference. Cybersecurity practitioners can use this to organize vendors, find gaps in security portfolios, understand how to organize security measurements, prioritize investments, minimize business impact, visualize attack surfaces, align other existing frameworks, and gain a fuller understanding of the entire space of cybersecurity.

  • Distributed Immutable Ephemeral (DIE) - New Paradigms for the Next Era of Security

    Art into Science: A Conference on Defense

    We are rapidly approaching the next era of security where we need to be focused on the ability to recover from irrecoverable attacks. This can also be defined as resiliency. The traditional view of resiliency attempts to quickly restore assets that support services that we care about. This new approach/paradigm looks at resilience in ways that promote design patterns (distributed, immutable, ephemeral) where we do not care about a given asset at all while still keeping the overall service functioning. This new approach allows us to avoid having to deal with security at all.

  • The Cyber Defense Matrix: A Scientific Model for Cybersecurity

    Art into Science: A Conference on Defense

    Scientific modeling assists in making our complex world easier to understand and quantify. To untrained observers, the landscape of cybersecurity is extraordinarily complex. A scientific model for cybersecurity can help make it easier to study, comprehend, and improve the practice of cybersecurity. This session describes such a model, better known as the Cyber Defense Matrix, and its practical uses in understanding our past, present, and future.

  • Understanding The Security Vendor Landscape Using the Cyber Defense Matrix

    RSA Conference

    The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologies that we buy and helps organizations align their vendors to have the right suite of capabilities to execute their information security mission.


Projects

  • Cyber Defense Matrix

    Present

    The Cyber Defense Matrix helps practitioners organize security technologies and capabilities. This matrix removes confusion around the security technologies that we buy and helps organizations align their vendors to have the right suite of capabilities to execute their information security mission.

    In addition, this matrix helps to measure the efficacy and coverage of controls, align them against emerging threats and requirements, and manage a security program through design patterns that emerge from the use of the Cyber Defense Matrix.

