Inferential analysis using feedback for extracting and combining cyber risk information including proxy connection analyses
First Claim
1. A method, comprising:
- assessing cyber risk in one or more computer networks for an entity, by collecting information from at least one accessible network element by;
establishing a plurality of proxy connections with entity resources of an entity, the plurality of proxy connections being established with one or more computer networks for the entity;
evaluating performance of the plurality of proxy connections; and
scoring the proxy connections based on their performance to determine a proxy score associated with the proxy connections;
automatically determining, based on the proxy score, a change or a setting regarding the proxy connections; and
automatically recommending, based on the assessed cyber risk, computer network changes for the one or more computer networks to reduce the assessed cyber risk.
4 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the present technology include methods of assessing risk of a cyber security failure in one or more computer networks for an entity. Various embodiments include establishing a plurality of proxy connections with entity resources, evaluating performance of the proxy connections, and scoring the proxy connections based on performance. Various embodiments may further include automatically determining, based on the proxy score, a change or setting regarding the proxy connections. Various embodiments may also include automatically recommending, based on the assessed risk, computer network changes for the one or more computer networks to reduce the assessed risk. Some embodiments may include providing recommended computer network and/or policy changes to reduce the assessed risk, determining the entity has enacted some recommended network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
112 Citations
23 Claims
-
1. A method, comprising:
-
assessing cyber risk in one or more computer networks for an entity, by collecting information from at least one accessible network element by; establishing a plurality of proxy connections with entity resources of an entity, the plurality of proxy connections being established with one or more computer networks for the entity; evaluating performance of the plurality of proxy connections; and scoring the proxy connections based on their performance to determine a proxy score associated with the proxy connections; automatically determining, based on the proxy score, a change or a setting regarding the proxy connections; and automatically recommending, based on the assessed cyber risk, computer network changes for the one or more computer networks to reduce the assessed cyber risk. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method, comprising:
-
assessing cyber risk in one or more computer networks for an entity, using a computer agent configured to collect information from at least one accessible network element, wherein the assessing of the cyber risk comprises; evaluating the collected information to obtain circumstantial or indirect information that is indicative of the entity; cross referencing data in the collected information to confirm or infer that the entity is referenced in the circumstantial or indirect information that is indicative of the entity being referenced in the circumstantial or indirect information; establishing a plurality of proxy connections with entity resources of the entity; evaluating performance of the plurality of proxy connections; scoring the proxy connections based on their performance; and automatically determining proxy connection changes based on the scoring; automatically determining, based on the assessed cyber risk, a change or a setting to at least one element of policy criteria of a cyber security policy; and automatically recommending, based on the assessed cyber risk, computer network changes to reduce the assessed cyber risk. - View Dependent Claims (22, 23)
-
Specification