SYSTEM FOR DETERMINING EFFECTIVENESS AND ALLOCATION OF INFORMATION SECURITY TECHNOLOGIES

US 20170180408A1
Filed: 12/21/2015
Published: 06/22/2017
Est. Priority Date: 12/21/2015
Status: Active Grant

First Claim

Patent Images

1. A computerized system for determining the effectiveness of information security technologies, comprising:

a computer apparatus including a processor, a memory, and a network communication device; and

an information security analysis module stored in the memory, executable by the processor, and configured for;

determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;

determining a defense-in-depth score D_resourcefor each resource class;

determining a defense-in-depth score D_operationfor each security operational function;

based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining an aggregate security score; and

providing the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system for is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed.

Citations

21 Claims

1. A computerized system for determining the effectiveness of information security technologies, comprising:
- a computer apparatus including a processor, a memory, and a network communication device; and
  
  an information security analysis module stored in the memory, executable by the processor, and configured for;
  
  determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;
  
  determining a defense-in-depth score D_resourcefor each resource class;
  
  determining a defense-in-depth score D_operationfor each security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining an aggregate security score; and
  
  providing the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computerized system according to claim 1, wherein:
    - the defense-in-depth score D_resourcefor each resource class is equal to 1−
      
      (1−
      
      E_resource1)×
      
      (1−
      
      E_resource2)×
      
      . . . ×
      
      (1−
      
      E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class; and
      
      the defense-in-depth score D_operationfor each security operational function is equal to 1−
      
      (1−
      
      E_operation1)×
      
      (1−
      
      E_operation2)×
      
      . . . ×
      
      (1−
      
      E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function.
  - 3. The computerized system according to claim 2, wherein the information security analysis module is configured for:
    - receiving half-life information for each element of the security technology defense matrix; and
      
      based on the half-life information, the determined defense-in-depth score D_resourcefor each resource class, and the determined defense-in-depth score D_operationfor each security operational function, determining a projected future defense-in-depth score for each resource class and security operational function.
  - 4. The computerized system according to claim 2, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
    - (1−
      
      C₁)×
      
      . . . ×
      
      (1−
      
      C_x), wherein x is the total number of controls associated with the particular element.
  - 5. The computerized system according to claim 2, wherein the information security analysis module is configured for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining an aggregate security score for each of the plurality of future deployment scenarios; and
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 6. The computerized system according to claim 2, wherein the information security analysis module is configured for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 7. The computerized system according to claim 2, wherein the information security analysis module is configured for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.

8. A computer program product for determining the effectiveness of information security technologies comprising a non-transitory computer-readable storage medium having computer-executable instructions for:
- determining a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;
  
  determining a defense-in-depth score D_resourcefor each resource class;
  
  determining a defense-in-depth score D_operationfor each security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining an aggregate security score; and
  
  providing the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product according to claim 8, wherein:
    - the defense-in-depth score D_resourcefor each resource class is equal to 1−
      
      (1−
      
      E_resource1)×
      
      (1−
      
      E_resource2)×
      
      . . . ×
      
      (1−
      
      E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class; and
      
      the defense-in-depth score D_operationfor each security operational function is equal to 1−
      
      (1−
      
      E_operation1)×
      
      (1−
      
      E_operation2)×
      
      . . . ×
      
      (1−
      
      E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function.
  - 10. The computer program product according to claim 9, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving half-life information for each element of the security technology defense matrix;
      
      based on the half-life information, the determined defense-in-depth score D_resourcefor each resource class, and the determined defense-in-depth score D_operationfor each security operational function, determining a projected future defense-in-depth score for each resource class and security operational function.
  - 11. The computer program product according to claim 9, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
    - (1−
      
      C₁)×
      
      . . . ×
      
      (1−
      
      C_x), wherein x is the total number of controls associated with the particular element.
  - 12. The computer program product according to claim 9, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining an aggregate security score for each of the plurality of future deployment scenarios; and
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 13. The computer program product according to claim 9, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 14. The computer program product according to claim 9, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.

15. A method for determining the effectiveness of information security technologies, comprising:
- determining, via a computer processor, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;
  
  determining, via a computer processor, a defense-in-depth score D_resourcefor each resource class;
  
  determining, via a computer processor, a defense-in-depth score D_operationfor each security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining, via a computer processor, an aggregate security score; and
  
  providing, via a computer processor, the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method according to claim 15, wherein:
    - the defense-in-depth score D_resourcefor each resource class is equal to 1−
      
      (1−
      
      E_resource1)×
      
      (1−
      
      E_resource2)×
      
      . . . ×
      
      (1−
      
      E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class; and
      
      the defense-in-depth score D_operationfor each security operational function is equal to 1−
      
      (1−
      
      E_operation1)×
      
      (1−
      
      E_operation2)×
      
      . . . ×
      
      (1−
      
      E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function.
  - 17. The method according to claim 16, comprising:
    - receiving half-life information for each element of the security technology defense matrix;
      
      based on the half-life information, the determined defense-in-depth score D_resourcefor each resource class, and the determined defense-in-depth score D_operationfor each security operational function, determining a projected future defense-in-depth score for each resource class and security operational function.
  - 18. The method according to claim 16, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
    - (1−
      
      C₁)×
      
      . . . ×
      
      (1−
      
      C_x), wherein x is the total number of controls associated with the particular element.
  - 19. The method according to claim 16, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining an aggregate security score for each of the plurality of future deployment scenarios;
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.
  - 20. The method according to claim 16, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios;
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.
  - 21. The method according to claim 16, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios;
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Yu, Sounil

Granted Patent

US 9,800,607 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/24578 using ranking

H04L 63/1433 Vulnerability analysis

SYSTEM FOR DETERMINING EFFECTIVENESS AND ALLOCATION OF INFORMATION SECURITY TECHNOLOGIES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM FOR DETERMINING EFFECTIVENESS AND ALLOCATION OF INFORMATION SECURITY TECHNOLOGIES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links