The Cyber Defense Matrix (CDM) is a strategic, 5x5 visual framework developed by Sounil Yu to simplify cybersecurity by mapping, organizing, and rationalizing security tools against key asset classes. It bridges the gap between theoretical frameworks (like NIST CSF) and practical, operational decisions, helping professionals identify gaps in their coverage.
This article outlines how to use it in vCIOToolbox.
1. Choose the Cyber Defense Matrix from the GRC Programs available.
2. Click Assess to start the assessment.
3. Click Start the Assessment
4. Begin your assessment. If there are missing components of the control being measured, create a new recommendation.
Optional: Send the findings to the Risk Register
5. Add your assets to to the assessment
6. Create your Recommendation
6. Once the recommendation is created yoiur can add assets, risks, or commendats to the Recommendation.
7. To view the output, click on the icon on the top of the page.
8. This will then bring you to the Matrix and expanded findings.
Matrix View and Findings
Findings - Expanded
If you have any additional questions, please reach out to support@vciotoolbox.com.