Cyber-security presence monitoring and assessment

US 10,419,455 B2
Filed: 05/10/2016
Issued: 09/17/2019
Est. Priority Date: 05/10/2016
Status: Active Grant

First Claim

Patent Images

1. A cyber-security system comprising:

a cyber-traffic event analysis system implemented at least partially in hardware, and a cyber-security data processing system implemented at least partially in hardware;

wherein the cyber-traffic event analysis system is configured to;

monitor a communications network for confidential information associated with a consumer account associated with a consumer;

determine, based on a number of devices on the communications network storing the confidential information and a number of digital accounts associated with the consumer on the communications network, a value indicative of a risk of a data breach;

detect evidence of the data breach of the confidential information associated with the consumer account as a result of the monitoring; and

report the evidence of the data breach to the cyber-security data processing system;

wherein the cyber-security data processing system is configured to;

receive the evidence of the data breach associated with the consumer account;

determine, based on the evidence of the data breach, a probability that a future use of the confidential information will impact the consumer; and

adjust the value based on the probability.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, computer-readable media, software, and apparatuses may monitor consumer information in order to determine a probability of a data breach associated with a customer based on an online presence of the customer. The probability of a data breach may be used to present metrics to a consumer and/or a service provider. Further, the consumer may be presented with information indicating what factors contribute to the probability of a data breach, as well as information regarding how to reduce those factors.

Citations

21 Claims

1. A cyber-security system comprising:
- a cyber-traffic event analysis system implemented at least partially in hardware, and a cyber-security data processing system implemented at least partially in hardware;
  
  wherein the cyber-traffic event analysis system is configured to;
  
  monitor a communications network for confidential information associated with a consumer account associated with a consumer;
  
  determine, based on a number of devices on the communications network storing the confidential information and a number of digital accounts associated with the consumer on the communications network, a value indicative of a risk of a data breach;
  
  detect evidence of the data breach of the confidential information associated with the consumer account as a result of the monitoring; and
  
  report the evidence of the data breach to the cyber-security data processing system;
  
  wherein the cyber-security data processing system is configured to;
  
  receive the evidence of the data breach associated with the consumer account;
  
  determine, based on the evidence of the data breach, a probability that a future use of the confidential information will impact the consumer; and
  
  adjust the value based on the probability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The cyber-security system of claim 1, wherein the evidence of the data breach comprises a credit card number.
  - 3. The cyber-security system of claim 1, wherein the evidence of the data breach comprises credentials associated with the consumer account.
  - 4. The cyber-security system of claim 1, wherein the communications network comprises an Internet.
  - 5. The cyber-security system of claim 1, wherein the cyber-security data processing system is further configured to determine the value based on an online presence of the consumer.
  - 6. The cyber-security system of claim 1, wherein the cyber-security data processing system is further configured to:
    - publish the value on an online marketplace;
      
      receive, via the online marketplace, a request for the value; and
      
      transmit the value to a service provider in response to the request.
  - 7. The cyber-security system of claim 1, wherein the cyber-security data processing system is further configured to:
    - receive an indication that the consumer has undergone cyber-security training;
      
      adjust the value based on the cyber-security training; and
      
      transmit the adjusted value for presentation to the consumer.
  - 8. The method of claim 1, wherein the digital accounts comprise a banking account and a social media account.

9. A method comprising:
- determining, by a security monitoring device, one or more accounts comprising confidential information associated with a consumer;
  
  scanning, by the security monitoring device, a local network associated with the consumer for one or more local devices on the local network;
  
  determine, based on the scanning, a number of devices on the local network storing the confidential information and a number of digital accounts associated with the consumer on the local network;
  
  monitoring, by the security monitoring device, an external network for a data breach associated with the confidential information;
  
  determining, by the security monitoring device, a value based on the determining the one or more accounts, the scanning the local network, the number of devices, the number of digital accounts and the monitoring the external network; and
  
  transmitting, by the security monitoring device, the value for presentation to the consumer.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, wherein the monitoring the external network for the data breach comprises monitoring one or more Internet sites for the confidential information.
  - 11. The method of claim 9, further comprising:
    - publishing the value on an online marketplace;
      
      receiving, via the online marketplace, a request for the value; and
      
      transmitting the value to a service provider in response to the request.
  - 12. The method of claim 9, further comprising:
    - detecting, after the transmitting the value, a new data breach associated with the confidential information;
      
      adjusting the value based on the detecting; and
      
      transmitting the adjusted value for presentation to the consumer.
  - 13. The method of claim 9, wherein the determining the value further comprises determining the value further based on information received from a credit monitoring service.
  - 14. The method of claim 9, further comprising:
    - receiving an indication that the consumer has undergone cyber-security training;
      
      adjusting the value based on the cyber-security training; and
      
      transmitting the adjusted value for presentation to the consumer.

15. A cyber-security data processing system comprising a cyber-traffic event analysis system and a cyber-security data processing system:
- a processor implemented at least partially in hardware;
  
  a memory unit storing computer-executable instructions, which when executed by the processor, cause the cyber-security data processing system to;
  
  monitor a communications network for confidential information associated with a consumer;
  
  determine, based on a number of devices on the communications network storing the confidential information and a number of digital accounts associated with the consumer on the communications network, a value indicative of a risk of a data breach;
  
  detect one or more instances of the confidential information on the communications network as a result of the monitoring; and
  
  receive additional information associated with the consumer from a service provider;
  
  determine a probability of a future fraudulent use of the confidential information impacting the consumer based on the one or more instances and the additional information; and
  
  adjust the value based on the probability.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The cyber-security data processing system of claim 15, wherein the cyber-security data processing system further stores computing-executable instructions, which when executed by the processor, cause the cyber-security data processing system to:
    - publish the value on an online marketplace;
      
      receive, via the online marketplace, a request for the value; and
      
      transmit the value to an insurance provider in response to the request.
  - 17. The cyber-security data processing system of claim 15, wherein the service provider comprises a credit monitoring service.
  - 18. The cyber-security data processing system of claim 15, wherein the cyber-security data processing system further stores computing-executable instructions, which when executed by the processor, cause the cyber-security data processing system to transmit the value to a device associated with the consumer.
  - 19. The cyber-security data processing system of claim 18, wherein the cyber-security data processing system further stores computing-executable instructions, which when executed by the processor, cause the cyber-security data processing system to:
    - detect, after the transmitting the value, a new instance of the confidential information;
      
      adjust the value based on detecting the new instance; and
      
      transmit the adjusted value for presentation to the consumer.
  - 20. The cyber-security data processing system of claim 19, wherein the adjusted value is presented to the consumer as a number displayed via a cyber-security application on a mobile computing device.
  - 21. The cyber-security data processing system of claim 15, wherein the cyber-security data processing system further stores computing-executable instructions, which when executed by the processor, cause the cyber-security data processing system to:
    - receive an indication that the consumer has undergone cyber-security training;
      
      adjust the value based on the cyber-security training; and
      
      transmit the adjusted value for presentation to the consumer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Allstate Insurance Company (Allstate Corporation)
Original Assignee
Allstate Insurance Company (Allstate Corporation)
Inventors
Park, Jason D., Hayes, Howard, Chen, Tao, Parkinson, John S.
Primary Examiner(s)
Abyaneh, Ali S
Assistant Examiner(s)
Callahan, Paul E

Application Number

US15/150,955
Publication Number

US 20170331839A1
Time in Patent Office

1,225 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

Cyber-security presence monitoring and assessment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Cyber-security presence monitoring and assessment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links