SYSTEM AND METHOD FOR CYBER ATTACKS ANALYSIS AND DECISION SUPPORT

US 20130227697A1
Filed: 02/14/2013
Published: 08/29/2013
Est. Priority Date: 02/29/2012
Status: Active Grant

First Claim

Patent Images

1. A method for cyber attack risk assessment, the method comprising operating at least one hardware processor for:

collecting global cyber attack data from a networked resource;

collecting organizational profile data from a user, wherein the organizational profile data comprises;

types of computerized defensive controls employed by the organization, a maturity of each of the computerized defensive controls, and organizational assets each pertaining to a business environment and each associated with at least one of the computerized defensive controls; and

computing a cyber attack risk of the organization in real time, by continuously performing said collecting of global cyber attack data and comparing the global cyber attack data to the organizational profile data, to compute a cyber attack risk score for each of the organizational assets.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for cyber attack risk assessment, the method comprising operating at least one hardware processor for: collecting global cyber attack data from a networked resource; collecting organizational profile data from a user, wherein the organizational profile data comprises: types of computerized defensive controls employed by the organization, a maturity of each of the computerized defensive controls, and organizational assets each pertaining to a business environment and each associated with at least one of the computerized defensive controls; and computing a cyber attack risk of the organization in real time, by continuously performing said collecting of global cyber attack data and comparing the global cyber attack data to the organizational profile data, to compute a cyber attack risk score for each of the organizational assets.

Citations

20 Claims

1. A method for cyber attack risk assessment, the method comprising operating at least one hardware processor for:
- collecting global cyber attack data from a networked resource;
  
  collecting organizational profile data from a user, wherein the organizational profile data comprises;
  
  types of computerized defensive controls employed by the organization, a maturity of each of the computerized defensive controls, and organizational assets each pertaining to a business environment and each associated with at least one of the computerized defensive controls; and
  
  computing a cyber attack risk of the organization in real time, by continuously performing said collecting of global cyber attack data and comparing the global cyber attack data to the organizational profile data, to compute a cyber attack risk score for each of the organizational assets.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising providing a risk simulator configured to compute an effect of improving one or more of the computerized defensive controls on the cyber attack risk score.
  - 3. The method according to claim 2, wherein said risk simulator is further configured to perform the computing of the effect for each of different ones of the computerized defensive controls, and to compute a tradeoff between improvement of different ones of the computerized defensive controls and the cyber attack risk score.
  - 4. The method according to claim 1, further comprising displaying a dashboard comprising the cyber attack risk score for each of the organizational assets.
  - 5. The method according to claim 4, wherein said displaying of the dashboard further comprises enabling a drill-down into one or more of the organizational assets, to display one or more computerized defensive controls associated with the one or more of the organizational assets.
  - 6. The method according to claim 4, wherein the dashboard comprises a graphical, dynamic gauge for each of the organizational assets.
  - 7. The method according to claim 1, further comprising computing a success probability score of one or more attack agents indicated by the global cyber attack data.
  - 8. The method according to claim 1, further comprising computing a success probability score of one or more attack methods indicated by the global cyber attack data.

9. A non-transient computer readable medium having stored thereon instructions that, when executed by at least one hardware processor, cause the at least one hardware processor to:
- collect global cyber attack data from a networked resource;
  
  collect organizational profile data from a user, wherein the organizational profile data comprises types of computerized defensive controls employed by the organization, a maturity of each of the computerized defensive controls and organizational assets each associated with at least one of the computerized defensive controls; and
  
  compute a cyber attack risk of the organization in real time, by continuously performing said collecting of global cyber attack data and comparing the global cyber attack data to the organizational profile data, to compute a cyber attack risk score for each of the organizational assets.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The non-transient computer readable medium according to claim 9, wherein the instruction further cause the at least one hardware processor to provide a risk simulator configured to compute an effect of improving one or more of the computerized defensive controls on the cyber attack risk score.
  - 11. The non-transient computer readable medium according to claim 10, wherein said risk simulator is further configured to perform the computing of the effect for each of different ones of the computerized defensive controls, and to compute a tradeoff between improvement of different ones of the computerized defensive controls and the cyber attack risk score.
  - 12. The non-transient computer readable medium according to claim 9, wherein the instruction further cause the at least one hardware processor to display a dashboard comprising the cyber attack risk score for each of the organizational assets.
  - 13. The non-transient computer readable medium according to claim 12, wherein said display of the dashboard further comprises enabling a drill-down into one or more of the organizational assets, to display one or more computerized defensive controls associated with the one or more of the organizational assets.
  - 14. The non-transient computer readable medium according to claim 12, wherein the dashboard comprises a graphical, dynamic gauge for each of the organizational assets.
  - 15. The non-transient computer readable medium according to claim 9, wherein the instruction further cause the at least one hardware processor to compute a success probability score of one or more attack agents indicated by the global cyber attack data.
  - 16. The non-transient computer readable medium according to claim 9, wherein the instruction further cause the at least one hardware processor to compute a success probability score of one or more attack methods indicated by the global cyber attack data.

17. A decision support system comprising at least one hardware processor configured to:
- collect global cyber attack data from a networked resource;
  
  collect organizational profile data from a user, wherein the organizational profile data comprises types of computerized defensive controls employed by the organization, a maturity of each of the computerized defensive controls and organizational assets each associated with at least one of the computerized defensive controls;
  
  compute a cyber attack risk of the organization in real time, by continuously performing said collecting of global cyber attack data and comparing the global cyber attack data to the organizational profile data, to compute a cyber attack risk score for each of the organizational assets; and
  
  supporting a decision on improvement of one or more of the computerized defensive controls by providing a risk simulator configured to compute an effect of improving one or more of the computerized defensive controls on the cyber attack risk score.
- View Dependent Claims (18, 19, 20)
- - 18. The decision support system according to claim 17, wherein said risk simulator is further configured to perform the computing of the effect for each of different ones of the computerized defensive controls, and to compute a tradeoff between improvement of different ones of the computerized defensive controls and the cyber attack risk score.
  - 19. The decision support system according to claim 17, wherein the at least one hardware processor is further configured to compute a success probability score of one or more attack agents indicated by the global cyber attack data.
  - 20. The decision support system according to claim 17, wherein the at least one hardware processor is further configured to compute a success probability score of one or more attack methods indicated by the global cyber attack data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAUL Acquisition SUB LLC
Original Assignee
Cytegic Ltd (MasterCard Incorporated)
Inventors
ZANDANI, Shay

Granted Patent

US 9,426,169 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

SYSTEM AND METHOD FOR CYBER ATTACKS ANALYSIS AND DECISION SUPPORT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR CYBER ATTACKS ANALYSIS AND DECISION SUPPORT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links