Sounil Yu, CISO and Head of Research at JupiterOne
, describes the Cyber Defense Matrix
and the importance of consistent cybersecurity activities across different asset classes. This talk addresses questions related to inventory, importance, vulnerability, exploitation, risk assessment, and resolution of security issues. Sunil introduces JupiterOne as a solution that provides unified cyber insights to answer these questions.
Sunil acknowledges the existence of gaps in implementing cybersecurity activities consistently and highlights ongoing efforts to identify and fill these gaps within the cybersecurity ecosystem. Sunil also discuss the need to shift from people-centric approaches to technology-centric approaches and provide examples of using JupiterOne to find and classify assets based on criticality.
The determination of criticality is also explored, with the proposition of the DIA (Distributed, Immutable, Ephemeral)
Triad as an alternative to the traditional CIA (Confidentiality, Integrity, Availability)
Triad. It is suggested that measuring attributes related to DIA, such as time, immutability, and distribution, can help infer criticality algorithmically.
Additionally, the challenge of identifying actively exploited vulnerabilities is discussed, and Sunil proposes incorporating an exploitability scoring system similar to EPS (Exploitability Prediction Scoring) to address this issue. The talk highlights the need for an equivalent system for human vulnerabilities and data stores.
This talk also delves into the automation of cybersecurity activities using the Cyber Defense Matrix and how JupiterOne can help automate tasks such as inventory management, vulnerability identification, and prioritization of fixes.