METHOD OF PROVIDING CYBER SECURITY AS A SERVICE

US 20140259095A1
Filed: 03/06/2014
Published: 09/11/2014
Est. Priority Date: 03/06/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing a cyber security defense comprising:

assessing a plurality of security risks in an information technology infrastructure;

implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure;

providing a plurality of security policies for the information technology infrastructure;

employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies; and

implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cyber system including a method of providing cyber security as a service is provided. The cyber system may include an integrated architecture of defensive and offensive security procedures and processes that enable enterprises to practice safe, holistic security techniques. The plurality of cyber defense procedures may include a plurality of risk-based assessment procedures, a plurality of attack-prevention procedures, a plurality of detection procedures and a plurality of response and recovery procedures. The plurality of cyber offense procedures may include a plurality of cyber weapon procedures, a plurality of cyber Intelligence, surveillance and reconnaissance procedures, a plurality of information operations target exploitation procedures and a plurality of information operations attack procedures. The cyber system may also include a plurality of overlapping processes interconnecting the plurality of cyber offense procedures and plurality of cyber defense procedures. The plurality of overlapping processes may include a change management, a configuration management, a service desk and a service-level management. The change management may be structured within an enterprise for ensuring that changes in people, facilities, technology and/or processes are smoothly and successfully implemented to achieve lasting benefits. The configuration management may establish and maintain the consistency of a product'"'"'s performance, functional and physical attributes with its requirements, design and operational information throughout its life. The service desk may provide the communication needs of the users, employees and customers. Service-level management may assess the impact of change on service quality and establish performance metrics and benchmarks.

Citations

37 Claims

1. A method of providing a cyber security defense comprising:
- assessing a plurality of security risks in an information technology infrastructure;
  
  implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure;
  
  providing a plurality of security policies for the information technology infrastructure;
  
  employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies; and
  
  implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method of claim 1, wherein assessing the plurality of security risks comprises the steps of:
    - assessing a level of threat of an attack of the information technology infrastructure;
      
      assessing a vulnerability level within the information technology infrastructure; and
      
      assigning a value to the information within the information technology infrastructure.
  - 3. The method of claim 1, wherein assessing the plurality of security risks comprises the step of:
    - defining, measuring, and assessing a performance level of security measures used to protect the information technology infrastructure.
  - 4. The method of claim 1, wherein assessing the plurality of security risks comprises the step of:
    - testing and evaluating the information technology infrastructure throughout phases of development, operation and retirement.
  - 5. The method of claim 1, wherein assessing the plurality of security risks comprises the step of:
    - evaluating a plurality of impacts of a plurality of interconnected systems comprising evaluations of connections between infrastructures.
  - 6. The method of claim 1, wherein assessing the plurality of security risks comprises the step of:
    - preventing unauthorized changes in a software code of the information technology infrastructure.
  - 7. The method of claim 6, wherein assessing the plurality of security risks comprises the step of:
    - assessing the reliability of the software code and limiting the functions of the software code to the software code'"'"'s intended function.
  - 8. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - monitoring of a plurality of transactions and data processed within the information technology infrastructure.
  - 9. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - implementing a plurality of mechanisms and techniques to protect a plurality of physical technologies within the information technology infrastructure.
  - 10. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - implementing a content control mechanism comprising a filter for preventing a plurality of preset content from entering the information technology infrastructure.
  - 11. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - encrypting information to be sent to authorized individuals within the information technology infrastructure.
  - 12. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - implementing a multi level security system comprising a plurality of users having access only to information designated for each individual user.
  - 13. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - providing mechanisms to prevent a delivery of a malicious software, detect an existence of the malicious software, and provide a remedy to remove the malicious software.
  - 14. The method of claim 1, wherein implementing the plurality of attack-prevention procedures comprises the step of:
    - providing a plurality of secure identifiers for each of a plurality of users, devices, and services within the information technology infrastructure.
  - 15. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - assimilating information from a plurality of mechanisms within the information technology infrastructure to detect the malware software.
  - 16. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - detecting hidden data flows comprising the detection of information hidden within a stream of information that is transmitted from one entity to another.
  - 17. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - identifying unauthorized entities within the information technology infrastructure.
  - 18. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - comparing assimilated information from a plurality of mechanisms within the information technology infrastructure to a plurality of predetermined baselines so as to detect malicious modifications and corruption of files within the information technology infrastructure.
  - 19. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - providing graphical, statistical, and analytical visualization of the threatened information within the information technology infrastructure.
  - 20. The method of claim 1, wherein employing the plurality of cyber defense procedures further comprises the step of:
    - providing trends of past security attacks comprising manual and automated tools to detect and characterize unrecognized patterns within data.
  - 21. The method of claim 1, wherein implementing the plurality of response and recovery procedures further comprises the steps of:
    - determining a portion of the information technology infrastructure that has been attacked;
      
      determining a level of damage of the attack; and
      
      determining an origination of the attack.
  - 22. The method of claim 1, wherein implementing the plurality of response and recovery procedures further comprises the step of:
    - utilizing incident response history data that provides guidance on handling an attack.
  - 23. The method of claim 1, wherein implementing the plurality of response and recovery procedures further comprises the step of:
    - implementing temporary changes to the information technology infrastructure in response to the attack.
  - 24. The method of claim 1, wherein implementing the plurality of response and recovery procedures further comprises the step of:
    - implementing deception tactics to guide attackers away from production systems and into a plurality of contained and monitored environments.
  - 25. The method of claim 1, wherein implementing the plurality of response and recovery procedures further comprises the step of:
    - reverse engineering the malicious software code so as to counteract an attack based on the reversed engineered code.

26. A method of providing a cyber security offense comprising:
- implementing a plurality of cyber weapon procedures configured to attack a plurality of targeted networks and information systems;
  
  implementing a plurality of cyber intelligence surveillance and reconnaissance procedures configured to assess the weaknesses of the plurality of targeted networks and information systems;
  
  implementing a plurality of information operation target exploitation procedures configured to collect, destroy and disrupt data contained within the plurality of targeted networks and information systems; and
  
  implementing a plurality of information operation attack procedures configured to circumvent and access security controls of the plurality of targeted networks and information systems, wherein the access is used to destroy resources and data controls of the plurality of targeted networks and information systems.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 27. The method of claim 26, wherein the implementing the plurality of cyber weapon procedures comprises the step of:
    - utilizing a plurality of malicious software and hardware devices to deny, disrupt and destroy the plurality of targeted networks and information systems.
  - 28. The method of claim 27, wherein the implementing the plurality of cyber weapon procedures comprises the step of:
    - utilizing reverse engineering to conceal the plurality of malicious software and hardware devices.
  - 29. The method of claim 26, wherein the implementing the plurality of cyber intelligence surveillance and reconnaissance procedures comprises the step of:
    - probing and monitoring the plurality of targeted networks and information systems so as to access a plurality of internal and external attack surfaces of the plurality of targeted networks and information systems.
  - 30. The method of claim 26, wherein the implementing the plurality of cyber intelligence surveillance and reconnaissance procedures comprises the step of:
    - deceiving the plurality of targeted networks and information systems so as to misdirect the resources and capabilities of the plurality of targeted networks and information systems.
  - 31. The method of claim 26, wherein the implementing the plurality of information operation target exploitation procedures comprises the step of:
    - capturing data of interest by exploring directories, file shares and repositories within the of the plurality of targeted networks and information systems.
  - 32. The method of claim 26, wherein the implementing the plurality of information operation target exploitation procedures comprises the step of:
    - establishing control of resources within the plurality of targeted networks and information systems.
  - 33. The method of claim 26, wherein the implementing the plurality of information operation target exploitation procedures comprises the step of:
    - concealing and exporting captured data from the plurality of targeted networks and information systems.
  - 34. The method of claim 26, wherein the implementing the plurality of information operation attack procedures comprises the step of:
    - circumventing the security controls of the plurality of targeted networks and information systems so as to destroy data within and mount a denial of service to the plurality of targeted networks and information systems.
  - 35. The method of claim 26, wherein the implementing the plurality of information operation attack procedures comprises the step of:
    - utilizing an authorized user to circumventing the security controls of the plurality of targeted networks and information systems.
  - 36. The method of claim 26, wherein the implementing the plurality of information operation attack procedures comprises the step of:
    - inserting of the plurality of malicious software and hardware devices into the supply chain of the of targeted networks and information systems.

37. A method of providing a cyber security defense and offense comprising:
- assessing a plurality of security risks in an information technology infrastructure;
  
  implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure;
  
  providing a plurality of security policies for the information technology infrastructure;
  
  employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies;
  
  implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies;
  
  implementing a plurality of cyber weapon procedures configured to attack a plurality of targeted networks and information systems;
  
  implementing a plurality of cyber intelligence surveillance and reconnaissance procedures configured to assess the weaknesses of the plurality of targeted networks and information systems;
  
  implementing a plurality of information operation target exploitation procedures configured to collect, destroy and disrupt data contained within the plurality of targeted networks and information systems; and
  
  implementing a plurality of information operation attack procedures configured to circumvent the security controls of the plurality of targeted networks and information systems, wherein the access is used to destroy resources and data controls of the plurality of targeted networks and information systems.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
James Alvin Bryant
Original Assignee
James Alvin Bryant
Inventors
Bryant, James Alvin

Application Number

US14/199,875
Publication Number

US 20140259095A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

H04L 63/145 the attack involving the pr...

H04L 63/20 for managing network securi...

METHOD OF PROVIDING CYBER SECURITY AS A SERVICE

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD OF PROVIDING CYBER SECURITY AS A SERVICE

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links