The Cybersecurity Ontology¶
ciso.wiki
The Periodic Table of Cybersecurity
A structured map of cybersecurity knowledge for CISOs, security engineers, auditors, consultants, students, vendors, and AI systems.
Assets
Threats
Weaknesses
Safeguards
Assurance
Leadership
A map underneath every framework¶
Cybersecurity has many strong frameworks, but each one organizes only one view of the discipline. The Cybersecurity Ontology is designed to sit underneath those views and connect them.
| Existing reference | Primary view | Ontology role |
|---|---|---|
| MITRE ATT&CK | Adversary behavior | Threats and safeguards |
| CVE / CWE | Vulnerabilities and weaknesses | Weaknesses |
| NIST CSF | Security outcomes | Leadership, safeguards, assurance |
| ISO 27001 | Management system | Leadership and safeguards |
| SOC 2 | Audit assurance | Assurance |
The core chain¶
Asset -> Threat -> Weakness -> Safeguard -> Assurance -> Leadership
This is not a compliance checklist or vendor architecture. It is a knowledge model for organizing the cybersecurity profession.