System for determining effectiveness and allocation of information security technologies
First Claim
1. A computerized system for determining the effectiveness of information security technologies, comprising:
- an information system having one or more deployed security technologies;
a computer apparatus including a processor, a memory, and a network communication device; and
an information security analysis module stored in the memory, executable by the processor, and configured to;
determine a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with the one or more deployed security technologies of the information system, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions;
determine a defense-in-depth score Dresource for each resource class, wherein the defense-in-depth score Dresource for each resource class is equal to 1−
(1−
Eresource1)×
(1−
Eresource2)×
. . . ×
(1−
Eresourcen), wherein Eresource corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;
determine a defense-in-depth score Doperation for each security operational function, wherein the defense-in-depth score Doperation for each security operational function is equal to 1−
(1−
Eoperation1)×
(1−
Eoperation2)×
. . . ×
(1−
Eoperationm), wherein Eoperation corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;
based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determine an aggregate security score;
provide the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device;
receive half-life information for each element of the security technology defense matrix; and
based on the half-life information, the determined defense-in-depth score Dresource for each resource class, and the determined defense-in-depth score Doperation for each security operational function, determine a projected future defense-in-depth score for each resource class and security operational function.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system for is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed.
13 Citations
15 Claims
-
1. A computerized system for determining the effectiveness of information security technologies, comprising:
-
an information system having one or more deployed security technologies; a computer apparatus including a processor, a memory, and a network communication device; and an information security analysis module stored in the memory, executable by the processor, and configured to; determine a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with the one or more deployed security technologies of the information system, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determine a defense-in-depth score Dresource for each resource class, wherein the defense-in-depth score Dresource for each resource class is equal to 1−
(1−
Eresource1)×
(1−
Eresource2)×
. . . ×
(1−
Eresourcen), wherein Eresource corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;determine a defense-in-depth score Doperation for each security operational function, wherein the defense-in-depth score Doperation for each security operational function is equal to 1−
(1−
Eoperation1)×
(1−
Eoperation2)×
. . . ×
(1−
Eoperationm), wherein Eoperation corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determine an aggregate security score; provide the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device; receive half-life information for each element of the security technology defense matrix; and based on the half-life information, the determined defense-in-depth score Dresource for each resource class, and the determined defense-in-depth score Doperation for each security operational function, determine a projected future defense-in-depth score for each resource class and security operational function. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer program product for determining the effectiveness of information security technologies embodied on a non-transitory computer-readable storage medium having computer-executable instructions for:
-
determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determining, via the computer system configured for information security analysis, a defense-in-depth score Dresource for each resource class, wherein the defense-in-depth score Dresource for each resource class is equal to 1−
(1−
Eresource1)×
(1−
Eresource2)×
. . . ×
(1Eresourcen) wherein Eresource corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;determining, via the computer system configured for information security analysis, a defense-in-depth score Doperation for each security operational function, wherein the defense-in-depth score Doperation for each security operational function is equal to 1−
(1−
Eoperation1)×
(1−
Eoperation2) ×
. . . ×
(1−
Eoperationm), wherein Eoperation corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; providing, via the computer system configured for information security analysis, the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device; receiving, via the computer system configured for information security analysis, half-life information for each element of the security technology defense matrix; and based on the half-life information, the determined defense-in-depth score Dresource for each resource class, and the determined defense-in-depth score Doperation for each security operational function, determining, via the computer system configured for information security analysis, a projected future defense-in-depth score for each resource class and security operational function. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method for determining the effectiveness of information security technologies, comprising:
-
determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions; determining, via the computer system configured for information security analysis, a defense-in-depth score Dresource for each resource class, wherein the defense-in-depth score Dresource for each resource class is equal to 1−
(1−
Eresource1)×
(1−
Eresource2)×
. . . ×
(1−
Eresourcen)wherein Eresource corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;determining, via the computer system configured for information security analysis, a defense-in-depth score Doperation for each security operational function, wherein the defense-in-depth score Doperation for each security operational function is equal to 1−
(1−
Eoperation1)×
(1−
Eoperation2) ×
. . . ×
(1−
Eoperationm), wherein Eoperation corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;based on determining the defense-in-depth score Dresource for each resource class and determining the defense-in-depth score Doperation for each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; providing, via the computer system configured for information security analysis, the defense-in-depth score Dresource for each resource class, the defense-in-depth score Doperation for each security operational function, and the aggregate security score to a user computing device; receiving, via the computer system configured for information security analysis, half-life information for each element of the security technology defense matrix; and based on the half-life information, the determined defense-in-depth score Dresource for each resource class, and the determined defense-in-depth score Doperation for each security operational function, determining, via the computer system configured for information security analysis, a projected future defense-in-depth score for each resource class and security operational function. - View Dependent Claims (12, 13, 14, 15)
-
Specification