System and method of mitigating cyber attack risks
First Claim
1. A security system, comprising:
- a computer system;
- a memory accessible to the computer system;
- an application stored in the memory that, when executed by the computer system;
  - populates, in the memory for each of a plurality of different cyber threats, a cyber threat progression vector comprising a plurality of predefined elements that each correspond to a step of a plurality of separate steps that are taken in carrying out a corresponding cyber threat of the plurality of different cyber threats,
  - determines, based on the cyber threat progression vector for each of the plurality of different cyber threats, a plurality of electronic or procedural controls or countermeasures to mitigate cyber risks, and
  - effects at least a first electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a first cyber threat of the plurality of different cyber threats and at least a second electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a second cyber threat of the plurality of different cyber threats to interdict the first and second cyber threats at different steps corresponding to different predefined elements of the plurality of predefined elements on the cyber threat progression vectors for the first and second cyber threats; and
- a computer system interface to provide the cyber threat progression vectors, and the plurality of electronic or procedural controls or countermeasures to mitigate cyber risks.
Abstract
A security system comprising a computer, a memory, a data store comprising a cyber threat intent dictionary and a technology dictionary; and an application stored in the memory. When executed by the computer, the application generates a report that comprises an identification of a cyber threat intent and the identification of a cyber threat technology, wherein the cyber threat intent is selected from a plurality of cyber threat intents listed in the cyber threat intent dictionary and wherein the cyber threat technology is selected from the technology dictionary. The application also populates values in a cyber threat progression vector, where the cyber threat progression vector comprises elements that each correspond to an action in a chain of actions associated with a cybercrime, where the values correspond to one of present or not present. The vector is used to manage the cyber risk of an enterprise or organization.
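The progression vector and the control selection described in the abstract and claims can be modelled as below. This is an added illustration, not code from the patent: the step names, the control catalogue, the sample threats and the tie-breaking rule in select_interdictions are all assumptions, since the page does not enumerate the predefined elements or say how controls are chosen.

```python
# Assumed chain of actions; the page does not list the predefined elements.
STEPS = ("reconnaissance", "initial_access", "credential_collection",
         "monetization", "laundering")

# Hypothetical control catalogue keyed by the step each control interdicts.
CONTROLS = {
    "initial_access": "mail attachment sandboxing",
    "credential_collection": "multi-factor authentication",
    "monetization": "outbound payment velocity limits",
}

def populate_vector(observed_actions):
    """One element per predefined step: True = present, False = not present."""
    unknown = set(observed_actions) - set(STEPS)
    if unknown:
        raise ValueError(f"not a predefined element: {sorted(unknown)}")
    return tuple(step in observed_actions for step in STEPS)

def determine_controls(vector):
    """Controls applicable to a threat: present steps that have a control."""
    return [(s, CONTROLS[s]) for s, present in zip(STEPS, vector)
            if present and s in CONTROLS]

def select_interdictions(vectors):
    """Pick one control per threat, preferring a step no other threat uses."""
    chosen, used_steps = {}, set()
    # Threats with the fewest options choose first so they are not starved.
    for name in sorted(vectors, key=lambda n: len(determine_controls(vectors[n]))):
        options = determine_controls(vectors[name])
        if not options:
            chosen[name] = None          # no control covers this threat's steps
            continue
        pick = next((o for o in options if o[0] not in used_steps), options[0])
        chosen[name] = pick
        used_steps.add(pick[0])
    return chosen

# Constructed threat intelligence: actions reported for two sample threats.
INTEL = {
    "threat_a": {"initial_access", "credential_collection", "monetization"},
    "threat_b": {"reconnaissance", "credential_collection"},
}
VECTORS = {name: populate_vector(actions) for name, actions in INTEL.items()}

if __name__ == "__main__":
    for name, pick in select_interdictions(VECTORS).items():
        print(name, VECTORS[name], pick)
```

With the sample data, both threats share the credential collection step, yet the selection interdicts them at different elements of their vectors, which is the situation the independent claims recite.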
20 Claims
12. A method of mitigating cyber attack risk, comprising:
- receiving, by a computer system, and analyzing cyber threat intelligence;
- populating, in memory for each of a plurality of different cyber threats, a cyber threat progression vector comprising a plurality of predefined elements that each correspond to a step of a plurality of separate steps that are taken in carrying out a corresponding cyber threat of the plurality of different cyber threats;
- determining, based on the cyber threat progression vector for each of the plurality of different cyber threats, a plurality of electronic or procedural controls or countermeasures to mitigate cyber risks; and
- effecting at least a first electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a first cyber threat of the plurality of different cyber threats and at least a second electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a second cyber threat of the plurality of different cyber threats to interdict the first and second cyber threats at different steps corresponding to different predefined elements of the plurality of predefined elements on the cyber threat progression vectors for the first and second cyber threats.
Specification