Reducing cybersecurity risk level of a portfolio of companies using a cybersecurity risk multiplier
First Claim
1. An interactive tool improves for improving a cybersecurity risk level of a portfolio of companies, the interactive tool comprising:
- a memory; and
one or more processors communicatively coupled to the memory, where the one or more processors are configured to;
identify;
at least one company that experienced a cybersecurity risk event during a certain time period;
at least one attribute common to the at least one identified company that experienced the cybersecurity risk event and a plurality of companies in the portfolio of companies, anda degree of mutuality of the at least one attributes;
determine a probability that another cybersecurity risk event will occur with respect to the plurality of companies in the portfolio of companies, where the probability depends on;
the number of identified common attributes, anddegrees of mutuality of the number of identified attributes;
generate, from the determined probability, a cybersecurity risk multiplier for the portfolio of companies;
generate a refined cybersecurity risk level that is a function of an initial cybersecurity risk level and the cybersecurity risk multiplier;
display, to a user;
the refined cybersecurity risk level for the portfolio of companies; and
execute at least one action to improve the refined cybersecurity risk level in response to a user selection.
4 Assignments
0 Petitions
Accused Products
Abstract
A multiplier is utilized to quantify a cybersecurity risk level of a portfolio of entities (e.g., companies) and enable actions to mitigate that quantified risk. In doing so, features or attributes of one or more companies in a portfolio are compared to features or attributes of one or more companies that experienced an adverse cybersecurity event (e.g. a data breach). Further, a degree of dependency, such as a matrix of a number of shared vendors and the proximity of those vendors to the companies, can be measured between (1) portfolio companies and one or more companies that experienced a cybersecurity event, and/or (2) the portfolio companies themselves to better quantify the risk. That is, to more meaningfully analyze a cybersecurity event that occurred at one or more companies and better predict the likelihood of an occurrence at portfolio companies, embodiments can determine an n-degree interdependency between companies.
-
Citations
20 Claims
-
1. An interactive tool improves for improving a cybersecurity risk level of a portfolio of companies, the interactive tool comprising:
-
a memory; and one or more processors communicatively coupled to the memory, where the one or more processors are configured to; identify; at least one company that experienced a cybersecurity risk event during a certain time period; at least one attribute common to the at least one identified company that experienced the cybersecurity risk event and a plurality of companies in the portfolio of companies, and a degree of mutuality of the at least one attributes; determine a probability that another cybersecurity risk event will occur with respect to the plurality of companies in the portfolio of companies, where the probability depends on; the number of identified common attributes, and degrees of mutuality of the number of identified attributes; generate, from the determined probability, a cybersecurity risk multiplier for the portfolio of companies; generate a refined cybersecurity risk level that is a function of an initial cybersecurity risk level and the cybersecurity risk multiplier; display, to a user; the refined cybersecurity risk level for the portfolio of companies; and execute at least one action to improve the refined cybersecurity risk level in response to a user selection. - View Dependent Claims (2, 3)
-
-
4. A method for utilizing an interactive tool to dynamically improve a cybersecurity risk level of a portfolio of companies, the method comprising:
-
identifying at least one company that experienced a cybersecurity risk event during a certain time period; identifying; at least one attribute common to the at least one identified company that experienced the cybersecurity risk event and a plurality of companies in the portfolio of companies, and a degree of mutuality of the at least one attributes; determining a probability that another cybersecurity risk event will occur with respect to the plurality of companies in the portfolio of companies, where the probability depends on; the number of identified common attributes, and degrees of mutuality of the number of identified attributes; generating, front the determined probability, a cybersecurity risk multiplier for the portfolio of companies; generating a refilled c cybersecurity risk level that is a function of an initial cybersecurity risk level and the cybersecurity risk multiplier; displaying via an interactive tool to a user; the refined cybersecurity risk level for the portfolio of companies; and executing at least one action to improve the refined cybersecurity risk level in response to a user selection. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform operations to improve a cybersecurity risk level of a portfolio of companies, the operations comprising:
-
identifying at least one company that experienced a cybersecurity risk event during a certain time period; identifying; at least one attribute common to the at least one identified company that experienced the cybersecurity risk event and a plurality of companies in the portfolio of companies, and a degree of mutuality of the at least one attributes; determining a probability that another cybersecurity risk event will occur with respect to the plurality of companies in the portfolio of companies, where the probability depends on; the number of identified common attributes, and degrees of mutuality of the number of identified attributes; generating, from the determined probability, a cybersecurity risk multiplier for the portfolio of companies; generating a refined cybersecurity risk level that is a function of an initial cybersecurity risk level and the cybersecurity risk multiplier; displaying, to a user, an interactive tool that enables the user to view; the refined cybersecurity risk level for the portfolio of companies; and executing at least one action to improve the refined cybersecurity risk level.
-
Specification