Cyber Defense Matrix

Stub

Sounil Yu’s 5×5 Cyber Defense Matrix maps NIST CSF functions (Identify, Protect, Detect, Respond, Recover) against five asset classes (Devices, Applications, Networks, Data, Users). It serves as a coverage map for security tooling and a threat-modeling lens.

Originally published 2016, formalized in the 2022 book The Cyber Defense Matrix (Wiley). Knostic and other AI security vendors are now applying the matrix to AI-era risks via published ebooks (“Rethinking Cyber Defense for the Age of AI”).

Pending content: matrix structure, AI-extension mapping, vendor-coverage mapping, integration with AI TRiSM.

See Also

• Sounil Yu
• Gartner AI TRiSM — adjacent governance framework
• AI Data Security (Knostic blog, 2026) — references the CDM as a structuring lens for AI-era risks