SYSTEM FOR DETERMINING EFFECTIVENESS AND ALLOCATION OF INFORMATION SECURITY TECHNOLOGIES
First Claim
1. A computerized system for determining the effectiveness of information security technologies, comprising:
- a computer apparatus including a processor, a memory, and a network communication device; and
an information security analysis module stored in the memory, executable by the processor, and configured for;
determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;
determining a defense-in-depth score Dresource for each resource class;
determining a defense-in-depth score Doperation for each security operational function;
based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining an aggregate security score; and
providing the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system for is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed.
-
Citations
21 Claims
-
1. A computerized system for determining the effectiveness of information security technologies, comprising:
-
a computer apparatus including a processor, a memory, and a network communication device; and an information security analysis module stored in the memory, executable by the processor, and configured for; determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determining a defense-in-depth score Dresource for each resource class; determining a defense-in-depth score Doperation for each security operational function; based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining an aggregate security score; and providing the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for determining the effectiveness of information security technologies comprising a non-transitory computer-readable storage medium having computer-executable instructions for:
-
determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determining a defense-in-depth score Dresource for each resource class; determining a defense-in-depth score Doperation for each security operational function; based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining an aggregate security score; and providing the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for determining the effectiveness of information security technologies, comprising:
-
determining, via a computer processor, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determining, via a computer processor, a defense-in-depth score Dresource for each resource class; determining, via a computer processor, a defense-in-depth score Doperation for each security operational function; based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining, via a computer processor, an aggregate security score; and providing, via a computer processor, the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification