Inferential Analysis Using Feedback for Extracting and Combining Cyber Risk Information
First Claim
Patent Images
1. A method, comprising:
- assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least one accessible Internet elements, wherein the collection of information occurs periodically or continually over time, wherein the assessing of risk comprises;
evaluating the collected information to obtain circumstantial or indirect information that is indicative of the entity;
cross-referencing data in the collected information to confirm or infer that the entity is referenced in the circumstantial or indirect information that is indicative of the entity being referenced in the circumstantial or indirect information; and
increasing or decreasing the assessed risk if the circumstantial or indirect information is respectively negative or positive;
automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; and
automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk.
4 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Some embodiments involve using continual or periodic data collecting to improve inferential analysis, as well as obtaining circumstantial or inferential information from social networks. Machine learning may be used to improve predicitive capabilities. Some embodiments allow for identification of an entity from circumstantial or inferential information based on the machine learning and comparative analyses.
-
Citations
23 Claims
-
1. A method, comprising:
-
assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least one accessible Internet elements, wherein the collection of information occurs periodically or continually over time, wherein the assessing of risk comprises; evaluating the collected information to obtain circumstantial or indirect information that is indicative of the entity; cross-referencing data in the collected information to confirm or infer that the entity is referenced in the circumstantial or indirect information that is indicative of the entity being referenced in the circumstantial or indirect information; and increasing or decreasing the assessed risk if the circumstantial or indirect information is respectively negative or positive; automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; and automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method, comprising:
-
collecting information from at least one publicly accessible Internet elements, the collection of information occurring periodically or continually over time; evaluating the collected information to obtain circumstantial or indirect information that is indicative of an entity; matching the obtained circumstantial or indirect information to entity information included in a database; cross-referencing data in the collected information with the information in the database to confirm or infer that the entity is referenced in the circumstantial or indirect information that is indicative of the entity being referenced in the circumstantial or indirect information; automatically determining a change or a setting to at least one element of policy criteria of a cyber security policy of the entity based on the collected information; and automatically recommending computer network changes that improve the cyber security policy based on the collected information. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
Specification