METHOD OF PROVIDING CYBER SECURITY AS A SERVICE
First Claim
1. A method of providing a cyber security defense comprising:
- assessing a plurality of security risks in an information technology infrastructure;
implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure;
providing a plurality of security policies for the information technology infrastructure;
employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies; and
implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies.
0 Assignments
0 Petitions
Accused Products
Abstract
A cyber system including a method of providing cyber security as a service is provided. The cyber system may include an integrated architecture of defensive and offensive security procedures and processes that enable enterprises to practice safe, holistic security techniques. The plurality of cyber defense procedures may include a plurality of risk-based assessment procedures, a plurality of attack-prevention procedures, a plurality of detection procedures and a plurality of response and recovery procedures. The plurality of cyber offense procedures may include a plurality of cyber weapon procedures, a plurality of cyber Intelligence, surveillance and reconnaissance procedures, a plurality of information operations target exploitation procedures and a plurality of information operations attack procedures. The cyber system may also include a plurality of overlapping processes interconnecting the plurality of cyber offense procedures and plurality of cyber defense procedures. The plurality of overlapping processes may include a change management, a configuration management, a service desk and a service-level management. The change management may be structured within an enterprise for ensuring that changes in people, facilities, technology and/or processes are smoothly and successfully implemented to achieve lasting benefits. The configuration management may establish and maintain the consistency of a product'"'"'s performance, functional and physical attributes with its requirements, design and operational information throughout its life. The service desk may provide the communication needs of the users, employees and customers. Service-level management may assess the impact of change on service quality and establish performance metrics and benchmarks.
-
Citations
37 Claims
-
1. A method of providing a cyber security defense comprising:
-
assessing a plurality of security risks in an information technology infrastructure; implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure; providing a plurality of security policies for the information technology infrastructure; employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies; and implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method of providing a cyber security offense comprising:
-
implementing a plurality of cyber weapon procedures configured to attack a plurality of targeted networks and information systems; implementing a plurality of cyber intelligence surveillance and reconnaissance procedures configured to assess the weaknesses of the plurality of targeted networks and information systems; implementing a plurality of information operation target exploitation procedures configured to collect, destroy and disrupt data contained within the plurality of targeted networks and information systems; and implementing a plurality of information operation attack procedures configured to circumvent and access security controls of the plurality of targeted networks and information systems, wherein the access is used to destroy resources and data controls of the plurality of targeted networks and information systems. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A method of providing a cyber security defense and offense comprising:
-
assessing a plurality of security risks in an information technology infrastructure; implementing a plurality of attack-prevention procedures configured to control access to the information technology infrastructure; providing a plurality of security policies for the information technology infrastructure; employing a plurality of cyber defense procedures configured to detect at least one violation of the plurality of security policies; implementing a plurality of response and recovery procedures configured to automatically respond to the at least one violation of the plurality of security policies; implementing a plurality of cyber weapon procedures configured to attack a plurality of targeted networks and information systems; implementing a plurality of cyber intelligence surveillance and reconnaissance procedures configured to assess the weaknesses of the plurality of targeted networks and information systems; implementing a plurality of information operation target exploitation procedures configured to collect, destroy and disrupt data contained within the plurality of targeted networks and information systems; and implementing a plurality of information operation attack procedures configured to circumvent the security controls of the plurality of targeted networks and information systems, wherein the access is used to destroy resources and data controls of the plurality of targeted networks and information systems.
-
Specification