Correlated risk in cybersecurity
First Claim
1. A computer-implemented method for quantifying correlated risk in a network of a plurality of assets having at least one dependency, each asset belonging to at least one entity, the method comprising:
- generating a dependency graph based on relationships between the plurality of assets, the at least one dependency, and the at least one entity, wherein;
each of the plurality of assets is selected from the group consisting of;
Internet Protocol (IP) address, domain name, and server system;
each of the at least one entity is selected from the group consisting of;
a company and an organization; and
each of the at least one dependency is selected from the group consisting of;
hosting provider and software version;
executing a plurality of Monte Carlo simulations over the dependency graph by;
generating a seed event in the dependency graph, the seed event having a probability distribution; and
propagating disruption through the dependency graph based on the seed event;
assessing loss for each asset of the plurality of assets; and
aggregating losses in a nonlinear sum for two or more assets of the plurality of assets to determine correlated risk in the network.
3 Assignments
0 Petitions
Accused Products
Abstract
Computer-implemented methods are provided herein for quantifying correlated risk in a network of a plurality of assets having at least one dependency, where each asset belongs to at least one entity. The method includes generating a dependency graph based on relationships between the assets, at least one dependency, and at least one entity, and executing a plurality of Monte Carlo simulations over the dependency graph. Executing a plurality of Monte Carlo simulations includes generating a seed event in the dependency graph, where the seed event has a probability distribution, and propagating disruption through the dependency graph based on the seed event. The method further includes assessing loss for each of the assets, and aggregating losses for two or more assets to determine correlated risk in the network.
-
Citations
21 Claims
-
1. A computer-implemented method for quantifying correlated risk in a network of a plurality of assets having at least one dependency, each asset belonging to at least one entity, the method comprising:
-
generating a dependency graph based on relationships between the plurality of assets, the at least one dependency, and the at least one entity, wherein; each of the plurality of assets is selected from the group consisting of;
Internet Protocol (IP) address, domain name, and server system;each of the at least one entity is selected from the group consisting of;
a company and an organization; andeach of the at least one dependency is selected from the group consisting of;
hosting provider and software version;executing a plurality of Monte Carlo simulations over the dependency graph by; generating a seed event in the dependency graph, the seed event having a probability distribution; and propagating disruption through the dependency graph based on the seed event; assessing loss for each asset of the plurality of assets; and aggregating losses in a nonlinear sum for two or more assets of the plurality of assets to determine correlated risk in the network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer-implemented method for quantifying correlated risk in a network of a plurality of assets having at least one dependency, each asset belonging to at least one entity, the method comprising:
-
receiving information indicative of the relationships between the plurality of assets, the at least one dependency, and the at least one entity; storing information indicative of the relationships between the plurality of assets, the at least one dependency, and the at least one entity in a database, wherein the information is at least one of the group consisting of;
domain name system (DNS) record, server banner, traffic data, malware infection, and software version;generating a dependency graph based on relationships between the plurality of assets, the at least one dependency, and the at least one entity; executing a plurality of Monte Carlo simulations over the dependency graph by; generating a seed event in the dependency graph, the seed event having a probability distribution; and propagating disruption through the dependency graph based on the seed event assessing loss for each asset of the plurality of assets; and aggregating losses in a nonlinear sum for two or more assets of the plurality of assets to determine correlated risk in the network. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A computer-implemented method for quantifying correlated risk in a network of a plurality of assets having at least one dependency, each asset belonging to at least one entity, the method comprising:
-
generating a dependency graph based on relationships between the plurality of assets, the at least one dependency, and the at least one entity; executing a plurality of Monte Carlo simulations over the dependency graph by; generating a seed event in the dependency graph, the seed event having a probability distribution; and propagating disruption through the dependency graph based on the seed event until a threshold amount of loss is aggregated among the two or more assets; assessing loss for each asset of the plurality of assets; and aggregating losses in a nonlinear sum for two or more assets of the plurality of assets to determine correlated risk in the network; wherein the dependency graph comprises (i) a plurality of edges representing relationships between the plurality of assets, the at least one dependency, and the at least one entity and (ii) a plurality of nodes representing the plurality of assets, the at least one dependency, and the at least one entity, and wherein each edge has a conditional probability that the asset on a receiving node of a particular edge, of the plurality of edges, is compromised given that the providing node, of the plurality of nodes, is compromised. - View Dependent Claims (20, 21)
-
Specification