BROADCASTS.com

b'

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cyber-defense-matrix/)

A simple way to visualize your entire security program and all the tools that support it.

Check out this post\\xa0for the discussion that is the basis of our conversation on this week\\u2019s episode co-hosted by me,\\xa0David Spark\\xa0(@dspark), the creator of\\xa0CISO Series\\xa0and\\xa0Allan Alford\\xa0(@AllanAlfordinTX).\\xa0Our guest for this episode is\\xa0Sounil Yu (@sounilyu), creator of the Cyber Defense Matrix and former chief security scientist at Bank of America.

Thanks to this week\\u2019s podcast sponsor, Verodin.

The Verodin Security Instrumentation Platform proactively identifies gaps in security effectiveness attributable to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Learn how Verodin, part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value.

On this episode of\\xa0Defense\\xa0in\\xa0Depth, you\\u2019ll learn:

First, just look at the darn thing and it\'ll start to make sense.

• The Cyber Defense Matrix\'s original purpose was to provide a visual way to see where your gaps are in your technology.
• Users have found lots more uses for the matrix, such as seeing those same gaps in people, processes, and trying to map out the vendor landscape.
• By visualizing, you can see also where you have too much and you can actually get rid of technologies.
• The matrix provides structural awareness of your vulnerabilities.
• The matrix admittedly gets a little wonky when cloud technologies are introduced. They often bleed across categories, not neatly fitting into any specific buckets.