Method for the Continuous Calculation of a Cyber Security Risk Index
First Claim
1. A method for assessing a cyber security risk, the method comprising the steps of:
- obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources;
normalizing the obtained cyber security precursor information to a common information model;
generating, from the normalized cyber security precursor information, one or more events;
producing, from the one or more generated events, one or more facts;
calculating a plurality of risk indicators from the one or more facts;
normalizing the plurality of risk indicators to a common model;
calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and
calculating, using the one or more cyber risk index component scores, a cyber risk indicator index.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for assessing a cyber security risk, the method comprising the steps of: obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources; normalizing the obtained cyber security precursor information to a common information model; generating, from the normalized cyber security precursor information, one or more events; producing, from the one or more generated events, one or more facts; calculating a plurality of risk indicators from the one or more facts; normalizing the plurality of risk indicators to a common model; calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and calculating, using the one or more cyber risk index component scores, a cyber risk indicator index.
65 Citations
31 Claims
-
1. A method for assessing a cyber security risk, the method comprising the steps of:
-
obtaining cyber security precursor information from a plurality of sources, wherein the cyber security precursor information can be obtained from one or more online or offline sources; normalizing the obtained cyber security precursor information to a common information model; generating, from the normalized cyber security precursor information, one or more events; producing, from the one or more generated events, one or more facts; calculating a plurality of risk indicators from the one or more facts; normalizing the plurality of risk indicators to a common model; calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and calculating, using the one or more cyber risk index component scores, a cyber risk indicator index. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computerized system configured to assess a cyber security risk, the system comprising:
-
a plurality of sensors, the plurality of sensors configured to obtain cyber security precursor information; an event database configured to store one or more events; a fact database configured to store one or more facts; and a processor programmed to perform the steps of;
(i) receiving the cyber security precursor information from the plurality of sensors;
(ii) normalizing the obtained cyber security precursor information to a common information model;
(iii) generating, from the normalized cyber security precursor information, one or more events;
(iv) storing the generated one or more events in the event database;
(v) producing, from the one or more generated events, one or more facts;
(vi) storing the one or more facts in the facts database;
(vii) calculating a plurality of risk indicators from the one or more facts;
(viii) normalizing the plurality of risk indicators to a common model;
(ix) calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and
(x) calculating, using the one or more cyber risk index component scores, a cyber risk indicator index. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer system configured to assess a cyber security risk, the computer system comprising:
-
a non-transitory computer-readable storage medium configured to store data collected by the computer system and comprising computer-executable instructions; a processor programmed to execute the computer-executable instructions resulting in the computer system performing the steps of;
receiving cyber security precursor information from a plurality of sensors;
(ii) normalizing the obtained cyber security precursor information to a common information model;
(iii) generating, from the normalized cyber security precursor information, one or more events;
(iv) storing the generated one or more events in the non-transitory computer-readable storage medium;
(v) producing, from the one or more generated events, one or more facts;
(vi) storing the one or more facts in the non-transitory computer-readable storage medium;
(vii) calculating a plurality of risk indicators from the one or more facts;
(viii) normalizing the plurality of risk indicators to a common model;
(ix) calculating, using the normalized plurality of risk indicators, one or more cyber risk index component scores; and
(x) calculating, using the one or more cyber risk index component scores, a cyber risk indicator index. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31)
-
Specification