System for determining effectiveness and allocation of information security technologies

US 9,843,600 B1
Filed: 08/03/2017
Issued: 12/12/2017
Est. Priority Date: 12/21/2015
Status: Active Grant

First Claim

Patent Images

1. A computerized system for determining the effectiveness of information security technologies, comprising:

an information system having one or more deployed security technologies;

a computer apparatus including a processor, a memory, and a network communication device; and

an information security analysis module stored in the memory, executable by the processor, and configured to;

determine a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with the one or more deployed security technologies of the information system, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−

(1−

C₁)×

. . . ×

(1−

C_x), wherein x is the total number of controls associated with the particular element;

determine a defense-in-depth score D_resourcefor each resource class, wherein the defense-in-depth score D_resourcefor each resource class is equal to 1−

(1−

E_resource1)×

(1−

E_resource2)×

. . . ×

(1−

E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;

determine a defense-in-depth score D_operationfor each security operational function, wherein the defense-in-depth score D_operationfor each security operational function is equal to 1−

(1−

E_operation1)×

(1−

E_operation2)×

. . . ×

(1−

E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;

based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determine an aggregate security score; and

provide the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system for is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed.

19 Citations

View as Search Results

20 Claims

1. A computerized system for determining the effectiveness of information security technologies, comprising:
- an information system having one or more deployed security technologies;
  
  a computer apparatus including a processor, a memory, and a network communication device; and
  
  an information security analysis module stored in the memory, executable by the processor, and configured to;
  
  determine a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with the one or more deployed security technologies of the information system, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
  
  (1−
  
  C₁)×
  
  . . . ×
  
  (1−
  
  C_x), wherein x is the total number of controls associated with the particular element;
  
  determine a defense-in-depth score D_resourcefor each resource class, wherein the defense-in-depth score D_resourcefor each resource class is equal to 1−
  
  (1−
  
  E_resource1)×
  
  (1−
  
  E_resource2)×
  
  . . . ×
  
  (1−
  
  E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;
  
  determine a defense-in-depth score D_operationfor each security operational function, wherein the defense-in-depth score D_operationfor each security operational function is equal to 1−
  
  (1−
  
  E_operation1)×
  
  (1−
  
  E_operation2)×
  
  . . . ×
  
  (1−
  
  E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determine an aggregate security score; and
  
  provide the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computerized system according to claim 1, wherein the information security analysis module is configured to:
    - receive information regarding a plurality of future deployment scenarios;
      
      determine an aggregate security score for each of the plurality of future deployment scenarios; and
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, provide a technology deployment recommendation to a user computing device.
  - 3. The computerized system according to claim 2, wherein the technology deployment recommendation is a recommendation to upgrade one or more of the deployed security technologies.
  - 4. The computerized system according to claim 2, wherein the technology deployment recommendation is a recommendation to deploy one or more additional security technologies.
  - 5. The computerized system according to claim 1, wherein the information security analysis module is configured to:
    - receive information regarding a plurality of future deployment scenarios;
      
      determine a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, provide a technology deployment recommendation to a user computing device.
  - 6. The computerized system according to claim 5, wherein the technology deployment recommendation is a recommendation to upgrade one or more of the deployed security technologies.
  - 7. The computerized system according to claim 5, wherein the technology deployment recommendation is a recommendation to deploy one or more additional security technologies.
  - 8. The computerized system according to claim 1, wherein the information security analysis module is configured to:
    - receive information regarding a plurality of future deployment scenarios;
      
      determine a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, provide a technology deployment recommendation to a user computing device.
  - 9. The computerized system according to claim 8, wherein the technology deployment recommendation is a recommendation to upgrade one or more of the deployed security technologies.
  - 10. The computerized system according to claim 8, wherein the technology deployment recommendation is a recommendation to deploy one or more additional security technologies.

11. A computer program product for determining the effectiveness of information security technologies embodied on a non-transitory computer-readable storage medium having computer-executable instructions for:
- determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
  
  (1−
  
  C₁)×
  
  . . . ×
  
  (1−
  
  C_x), wherein x is the total number of controls associated with the particular element;
  
  determining, via the computer system configured for information security analysis, a defense-in-depth score D_resourcefor each resource class, wherein the defense-in-depth score D_resourcefor each resource class is equal to 1−
  
  (1−
  
  E_resource1)×
  
  (1−
  
  E_resource2)×
  
  . . . ×
  
  (1−
  
  E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;
  
  determining, via the computer system configured for information security analysis, a defense-in-depth score D_operationfor each security operational function, wherein the defense-in-depth score D_operationfor each security operational function is equal to 1−
  
  (1−
  
  E_operation1)×
  
  (1−
  
  E_operation2)×
  
  . . . ×
  
  (1−
  
  E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; and
  
  providing, via the computer system configured for information security analysis, the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The computer program product according to claim 11, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining an aggregate security score for each of the plurality of future deployment scenarios; and
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 13. The computer program product according to claim 12, wherein the technology deployment recommendation is a recommendation to upgrade one or more of the deployed security technologies.
  - 14. The computer program product according to claim 12, wherein the technology deployment recommendation is a recommendation to deploy one or more additional security technologies.
  - 15. The computer program product according to claim 11, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.
  - 16. The computer program product according to claim 11, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios; and
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device.

17. A method for determining the effectiveness of information security technologies, comprising:
- determining, via a computer system configured for information security analysis, a security score for each element of a security technology defense matrix, each element of the security technology defense matrix being associated with one or more deployed security technologies, wherein a first dimension of the security technology defense matrix corresponds to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponds to a plurality of security operational functions, wherein determining a security score for each element of the security technology defense matrix comprises determining a control score C for one or more controls associated with each element, the security score for each element of the security technology defense matrix being equal to 1−
  
  (1−
  
  C₁)×
  
  . . . ×
  
  (1−
  
  C_x), wherein x is the total number of controls associated with the particular element;
  
  determining, via the computer system configured for information security analysis, a defense-in-depth score D_resourcefor each resource class, wherein the defense-in-depth score D_resourcefor each resource class is equal to 1−
  
  (1−
  
  E_resource1)×
  
  (1−
  
  E_resource2)×
  
  . . . ×
  
  (1−
  
  E_resourcen), wherein E_resourcecorresponds to the security score for each element of the security technology defense matrix that is associated with a particular resource class and n is the total number of elements of the security technology defense matrix associated with the particular resource class;
  
  determining, via the computer system configured for information security analysis, a defense-in-depth score D_operationfor each security operational function, wherein the defense-in-depth score D_operationfor each security operational function is equal to 1−
  
  (1−
  
  E_operation1)×
  
  (1−
  
  E_operation2)×
  
  . . . ×
  
  (1−
  
  E_operationm), wherein E_operationcorresponds to the security score for each element of the security technology defense matrix that is associated with a particular security operational function and m is the total number of elements of the security technology defense matrix associated with the particular security operational function;
  
  based on determining the defense-in-depth score D_resourcefor each resource class and determining the defense-in-depth score D_operationfor each security operational function, determining, via the computer system configured for information security analysis, an aggregate security score; and
  
  providing, via the computer system configured for information security analysis, the defense-in-depth score D_resourcefor each resource class, the defense-in-depth score D_operationfor each security operational function, and the aggregate security score to a user computing device.
- View Dependent Claims (18, 19, 20)
- - 18. The method according to claim 17, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining an aggregate security score for each of the plurality of future deployment scenarios;
      
      based on determining an aggregate security score for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.
  - 19. The method according to claim 17, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios;
      
      based on determining a defense-in-depth score for one of the resource classes for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.
  - 20. The method according to claim 17, comprising:
    - receiving information regarding a plurality of future deployment scenarios;
      
      determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios;
      
      based on determining a defense-in-depth score for one of the security operational functions for each of the plurality of future deployment scenarios, providing a technology deployment recommendation to a user computing device; and
      
      deploying one or more additional security technologies based on the technology deployment recommendation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Yu, Sounil
Primary Examiner(s)
Holder, Bradley

Application Number

US15/668,233
Publication Number

US 20170359367A1
Time in Patent Office

131 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/24578 using ranking

H04L 63/1433 Vulnerability analysis

System for determining effectiveness and allocation of information security technologies

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System for determining effectiveness and allocation of information security technologies

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others