Apparatus and method for assessing financial loss from cyber threats capable of affecting at least one computer network
First Claim
1. An apparatus including one or more computer processors and a computer readable memory in which programming code is stored, wherein the one or more computer processors are configured pursuant to programming code in the computer readable memory to predict, for each of a plurality of threats capable of affecting at least one computer network in which a plurality of systems operate, future threat activity using a Monte Carlo method based on stochastic modeling of past observed threat events, wherein the plurality of threats includes a plurality of electronic threats and the plurality of electronic threats includes a plurality of computer viruses,wherein the one or more computer processors are configured, for a given threat, to model a set of past observed threat events to obtain an estimate of at least one model parameter, and, in a Monte Carlo simulation of a given threat,to predict future threat events using the at least one model parameter and a stochastic model using a projection of at least one model parameter which is based on the estimate of at least one model parameter and on a randomly-drawn variable, andto predict a distribution of future threat events by repeating the simulation using a plurality of variables.
0 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and method for assessing financial loss posed by cyber threats capable of affecting at least one computer network in which a plurality of systems operate based on statistical modelling of cyber threat events to determine predicted threat activity, to determine expected downtime of each system in dependence upon said predicted cyber threat activity, to determine financial loss for each of a plurality of operational processes dependent upon the downtimes of the systems, to add financial losses for the plurality of processes so as to obtain a combined financial loss arising from the cyber threat activity, to determine pricing of insurance, to determine cost benefit analysis of computer network security upgrades.
-
Citations
18 Claims
-
1. An apparatus including one or more computer processors and a computer readable memory in which programming code is stored, wherein the one or more computer processors are configured pursuant to programming code in the computer readable memory to predict, for each of a plurality of threats capable of affecting at least one computer network in which a plurality of systems operate, future threat activity using a Monte Carlo method based on stochastic modeling of past observed threat events, wherein the plurality of threats includes a plurality of electronic threats and the plurality of electronic threats includes a plurality of computer viruses,
wherein the one or more computer processors are configured, for a given threat, to model a set of past observed threat events to obtain an estimate of at least one model parameter, and, in a Monte Carlo simulation of a given threat, to predict future threat events using the at least one model parameter and a stochastic model using a projection of at least one model parameter which is based on the estimate of at least one model parameter and on a randomly-drawn variable, and to predict a distribution of future threat events by repeating the simulation using a plurality of variables.
-
13. A computer-implemented method, the method being performed by a computer system having one or more computer processors and a computer readable memory in which programming code is stored, whereupon execution of the programming code by one or more computer processors the computer system performs operations comprising:
-
predicting, for each of a plurality of threats, future threat activity using a Monte Carlo method based on stochastic modeling of past observed threat events capable of affecting at least one computer network in which a plurality of systems operate, wherein the plurality of threats includes a plurality of electronic threats and the plurality of electronic threats includes a plurality of computer viruses; wherein for each given threat the method comprises; modeling a set of past observed threat events to obtain an estimate of at least one model parameter; performing a Monte Carlo simulation of the given threat by; predicting future threat events using the at least one model parameter and a stochastic model using a projection of at least one model parameter which is based on the estimate of at least one model parameter and on a randomly-drawn variable, and
predicting a distribution of future threat events by repeating the simulation using a plurality of variables. - View Dependent Claims (14, 15, 17)
-
-
16. A computer readable medium having a computer program thereon, which when executed by a computer system having one or more computer processors and a computer readable memory, causes the computer system to predict, for each of a plurality of threats, future threat activity using a Monte Carlo method based on stochastic modelling of past observed threat events capable of affecting at least one computer network in which a plurality of systems operate, wherein the plurality of threats includes a plurality of electronic threats and the plurality of electronic threats includes a plurality of computer viruses
wherein execution of the computer program causes the computer system to perform, for each given threat, steps comprising: -
modeling a set of past observed threat events to obtain an estimate of at least one model parameter; performing a Monte Carlo simulation of the given threat by; predicting future threat events using the at least one model parameter and a stochastic model using a projection of at least one model parameter which is based on the estimate of at least one model parameter and on a randomly-drawn variable, and predicting a distribution of future threat events by repeating the simulation using a plurality of variables. - View Dependent Claims (18)
-
Specification