Near-real-time export of cyber-security risk information
First Claim
1. A method for exporting cyber-security risk information in an industrial control system, comprising:
- monitoring, by a risk manager system, a plurality of connected devices in the industrial control system that are vulnerable to cyber-security risks;
detecting, by the risk manager system, a cyber-security risk to one or more devices of the plurality of connected devices being monitored;
identifying, by the risk manager system, an external system to be notified of the cyber-security risk;
determining whether to send one or more filtered data streams or one or more unfiltered data streams to the external system based on a user selection option, the user selection option based on whether the external system is (i) a first system configured to process the one or more unfiltered data streams and not qualified for data collection in the industrial control system, or (ii) a second system configured to display the one or more filtered data streams to a user;
receiving at least one filtering option for the one or more filtered data streams or the one or more unfiltered data streams; and
sending cyber-security risk data, by the risk manager system, to the external system according to the cyber-security risk and the at least one filtering option.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure provides an apparatus and method for near-real-time export of cyber-security risk information, including but not limited to in industrial control systems and other systems. A method includes monitoring, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks. The method includes detecting a cyber-security risk to one or more of the devices being monitored. The method includes identifying an external system to be notified of the detected cyber-security risk. The method includes sending cyber-security risk data to the external system according to the detected cyber-security risk and at least one filtering option.
-
Citations
20 Claims
-
1. A method for exporting cyber-security risk information in an industrial control system, comprising:
-
monitoring, by a risk manager system, a plurality of connected devices in the industrial control system that are vulnerable to cyber-security risks; detecting, by the risk manager system, a cyber-security risk to one or more devices of the plurality of connected devices being monitored; identifying, by the risk manager system, an external system to be notified of the cyber-security risk; determining whether to send one or more filtered data streams or one or more unfiltered data streams to the external system based on a user selection option, the user selection option based on whether the external system is (i) a first system configured to process the one or more unfiltered data streams and not qualified for data collection in the industrial control system, or (ii) a second system configured to display the one or more filtered data streams to a user; receiving at least one filtering option for the one or more filtered data streams or the one or more unfiltered data streams; and sending cyber-security risk data, by the risk manager system, to the external system according to the cyber-security risk and the at least one filtering option. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A risk manager system for exporting cyber-security risk information in an industrial control system, comprising:
-
at least one processing device; at least one network interface; and at least one memory containing instructions, wherein the at least one processing device is configured, when executing the instructions, to; monitor a plurality of connected devices, in the industrial control system, that are vulnerable to cyber-security risks; detect a cyber-security risk to one or more devices of the plurality of connected devices being monitored; identify an external system to be notified of the cyber-security risk; determine whether to send one or more filtered data streams or one or more unfiltered data streams to the external system based on a user selection option, the user selection option based on whether the external system is (i) a first system configured to process the one or more unfiltered data streams and not qualified for data collection in the industrial control system, or (ii) a second system configured to display the one or more filtered data streams to a user; receive at least one filtering option for the one or more filtered data streams or the one or more unfiltered data streams; and send cyber-security risk data to the external system according to the cyber-security risk and the at least one filtering option. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine-readable medium encoded with executable instructions for exporting cyber-security risk information in an industrial control system that, when executed, cause one or more processors of a risk manager system to:
-
monitor a plurality of connected devices, in the industrial control system, that are vulnerable to cyber-security risks; detect a cyber-security risk to one or more devices of the plurality of connected devices being monitored; identify an external system to be notified of the cyber-security risk; determine whether to send one or more filtered data streams or one or more unfiltered data streams to the external system based on a user selection option, the user selection option based on whether the external system is (i) a first system configured to process the one or more unfiltered data streams and not qualified for data collection in the industrial control system, or (ii) a second system configured to display the one or more filtered data streams to a user; receive at least one filtering option for the one or more filtered data streams or the one or more unfiltered data streams; and send cyber-security risk data to the external system according to the cyber-security risk and the at least one filtering option. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification