System for determining effectiveness and allocation of information security technologies
Abstract
Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score and the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed.
20 Claims
1. A computerized system for determining the effectiveness of information security technologies, comprising:
- an information system having one or more deployed security technologies;
- a computer apparatus including a processor, a memory, and a network communication device; and
- an information security analysis module stored in the memory, executable by the processor, and configured to:
- determine a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with the one or more deployed security technologies of the information system, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score $C$ for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to $1 - (1 - C_1) \times \dots \times (1 - C_x)$, wherein $x$ is the total number of controls associated with the particular element;
- determine a defense-in-depth score $D_{\text{resource}}$ for each resource class, wherein the defense-in-depth score $D_{\text{resource}}$ for each resource class is equal to $1 - (1 - E_{\text{resource}_1}) \times (1 - E_{\text{resource}_2}) \times \dots \times (1 - E_{\text{resource}_n})$, wherein $E_{\text{resource}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and $n$ is the total number of elements of the security technology defense matrix associated with the particular resource class;
- determine a defense-in-depth score $D_{\text{operation}}$ for each security operational function, wherein the defense-in-depth score $D_{\text{operation}}$ for each security operational function is equal to $1 - (1 - E_{\text{operation}_1}) \times (1 - E_{\text{operation}_2}) \times \dots \times (1 - E_{\text{operation}_m})$, wherein $E_{\text{operation}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and $m$ is the total number of elements of the security technology defense matrix associated with the particular security operational function;
- based on determining the defense-in-depth score $D_{\text{resource}}$ for each resource class and determining the defense-in-depth score $D_{\text{operation}}$ for each security operational function, determine an aggregate security score; and
- provide the defense-in-depth score $D_{\text{resource}}$ for each resource class, the defense-in-depth score $D_{\text{operation}}$ for each security operational function, and the aggregate security score to a user computing device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A computer program product for determining the effectiveness of information security technologies embodied on a non-transitory computer-readable storage medium having computer-executable instructions for:
- determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score $C$ for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to $1 - (1 - C_1) \times \dots \times (1 - C_x)$, wherein $x$ is the total number of controls associated with the particular element;
- determining, via the computer system configured for information security analysis, a defense-in-depth score $D_{\text{resource}}$ for each resource class, wherein the defense-in-depth score $D_{\text{resource}}$ for each resource class is equal to $1 - (1 - E_{\text{resource}_1}) \times (1 - E_{\text{resource}_2}) \times \dots \times (1 - E_{\text{resource}_n})$, wherein $E_{\text{resource}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and $n$ is the total number of elements of the security technology defense matrix associated with the particular resource class;
- determining, via the computer system configured for information security analysis, a defense-in-depth score $D_{\text{operation}}$ for each security operational function, wherein the defense-in-depth score $D_{\text{operation}}$ for each security operational function is equal to $1 - (1 - E_{\text{operation}_1}) \times (1 - E_{\text{operation}_2}) \times \dots \times (1 - E_{\text{operation}_m})$, wherein $E_{\text{operation}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and $m$ is the total number of elements of the security technology defense matrix associated with the particular security operational function;
- based on determining the defense-in-depth score $D_{\text{resource}}$ for each resource class and determining the defense-in-depth score $D_{\text{operation}}$ for each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; and
- providing, via the computer system configured for information security analysis, the defense-in-depth score $D_{\text{resource}}$ for each resource class, the defense-in-depth score $D_{\text{operation}}$ for each security operational function, and the aggregate security score to a user computing device.

Dependent claims: 12, 13, 14, 15, 16

17. A method for determining the effectiveness of information security technologies, comprising:
- determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score $C$ for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to $1 - (1 - C_1) \times \dots \times (1 - C_x)$, wherein $x$ is the total number of controls associated with the particular element;
- determining, via the computer system configured for information security analysis, a defense-in-depth score $D_{\text{resource}}$ for each resource class, wherein the defense-in-depth score $D_{\text{resource}}$ for each resource class is equal to $1 - (1 - E_{\text{resource}_1}) \times (1 - E_{\text{resource}_2}) \times \dots \times (1 - E_{\text{resource}_n})$, wherein $E_{\text{resource}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and $n$ is the total number of elements of the security technology defense matrix associated with the particular resource class;
- determining, via the computer system configured for information security analysis, a defense-in-depth score $D_{\text{operation}}$ for each security operational function, wherein the defense-in-depth score $D_{\text{operation}}$ for each security operational function is equal to $1 - (1 - E_{\text{operation}_1}) \times (1 - E_{\text{operation}_2}) \times \dots \times (1 - E_{\text{operation}_m})$, wherein $E_{\text{operation}}$ corresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and $m$ is the total number of elements of the security technology defense matrix associated with the particular security operational function;
- based on determining the defense-in-depth score $D_{\text{resource}}$ for each resource class and determining the defense-in-depth score $D_{\text{operation}}$ for each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; and
- providing, via the computer system configured for information security analysis, the defense-in-depth score $D_{\text{resource}}$ for each resource class, the defense-in-depth score $D_{\text{operation}}$ for each security operational function, and the aggregate security score to a user computing device.

Dependent claims: 18, 19, 20

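The scoring recited in claims 1, 11 and 17, worked through in Python as an added example that is not part of the patent text. The resource-class and function names, the control scores and the `gaps` helper are constructed for illustration; the aggregate security score is left out because the claims do not give its formula.

```python
from math import prod

def complement_product(scores):
    """Return 1 - (1-s1) x ... x (1-sk). An empty list yields 0.0 (no coverage)."""
    for s in scores:
        if not 0.0 <= s <= 1.0:
            raise ValueError(f"score {s!r} is outside [0, 1]")
    return 1.0 - prod(1.0 - s for s in scores)

def score_matrix(controls):
    """controls maps (resource_class, operational_function) -> list of control scores C.

    Returns (elements, d_resource, d_operation) following the claim formulas.
    """
    elements = {cell: complement_product(cs) for cell, cs in controls.items()}
    d_resource, d_operation = {}, {}
    for resource in {r for r, _ in elements}:
        row = [e for (r, _), e in elements.items() if r == resource]
        d_resource[resource] = complement_product(row)      # D_resource
    for function in {f for _, f in elements}:
        col = [e for (_, f), e in elements.items() if f == function]
        d_operation[function] = complement_product(col)     # D_operation
    return elements, d_resource, d_operation

def gaps(elements, threshold):
    """Hypothetical helper: cells whose element score E is below threshold."""
    return sorted(cell for cell, e in elements.items() if e < threshold)

# Constructed sample matrix: 3 resource classes x 2 operational functions.
CONTROLS = {
    ("devices", "protect"): [0.6, 0.5],   # E = 1 - 0.4 * 0.5 = 0.8
    ("devices", "detect"): [0.5],         # E = 0.5
    ("networks", "protect"): [0.7],       # E = 0.7
    ("networks", "detect"): [],           # no controls deployed, E = 0
    ("data", "protect"): [0.2, 0.1],      # E = 1 - 0.8 * 0.9 = 0.28
    ("data", "detect"): [],               # no controls deployed, E = 0
}

if __name__ == "__main__":
    elements, d_resource, d_operation = score_matrix(CONTROLS)
    for name, d in sorted(d_resource.items()):
        print(f"D_resource[{name}] = {d:.4f}")
    for name, d in sorted(d_operation.items()):
        print(f"D_operation[{name}] = {d:.4f}")
    # D_operation[protect] is about 0.96 although data/protect scores only 0.28:
    # the product form lets strong cells mask weak ones, so list the gaps too.
    print("cells below 0.3:", gaps(elements, 0.3))
```

The product form treats control scores as independent, so a row or column score can look high while individual cells in it remain weak or empty; reading the per-cell scores alongside the defense-in-depth scores exposes those gaps.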
Specification