Systems and methods for cyber security risk assessment
Abstract
The present invention is directed to methods, systems, and non-transitory computer readable mediums which can evaluate cyber readiness of an organization. The methods can include: presenting a plurality of objective questions to a user; receiving answers to said plurality of objective questions from said user; determining based on said answers a risk rating for a threat origin of a cyber-attack; determining based on said answers a strength rating for an organizational safeguard against said threat origin; comparing said risk rating of said threat origin to said strength rating of said organizational safeguard; determining based on said comparison a cyber readiness of said organizational safeguard from said cyber-attack by said threat origin; and presenting the cyber readiness of said organizational safeguard. Systems and non-transitory computer readable mediums operating in a similar fashion as such systems are disclosed herein.
27 Claims
1. A method for evaluating cyber readiness of an organization, the method comprising:
- presenting, by a computer, a plurality of objective questions to a user, wherein each of the objective questions has one or more predefined answers to be selected by said user;
- receiving, by said computer, answers to said plurality of objective questions from said user;
- correlating, by said computer, one or more of said objective questions to a plurality of elements of an organizational safeguard;
- determining based on said answers, by said computer, a risk rating for a threat origin of a cyber-attack;
- determining based on said answers, by said computer, a strength rating for said organizational safeguard against said threat origin, wherein said elements of said organizational safeguard collectively determine said strength rating of said organizational safeguard;
- comparing, by said computer, said risk rating of said threat origin to said strength rating of said organizational safeguard;
- determining based on said comparison, by said computer, a cyber readiness rating of said organizational safeguard from said cyber-attack by said threat origin; and
- presenting, by said computer, the cyber readiness rating of said organizational safeguard,
- wherein determining of said strength rating of said organizational safeguard comprises:
  - determining, by said computer, a strength rating for a first element of said organizational safeguard based on at least one of said answers,
  - determining, by said computer, a strength rating for a second element of said organizational safeguard based on at least one of said answers, and
  - determining, by said computer, a strength rating for a third element of said organizational safeguard based on said strength rating of said first element and said strength rating of said second element.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A system for evaluating cyber readiness of an organization, the system comprising:
- a memory storage device; and
- a processor in communication with said memory storage device and configured to:
  - present a plurality of objective questions to a user, wherein each of the objective questions has one or more predefined answers to be selected by said user;
  - receive answers to said plurality of objective questions from said user;
  - correlate one or more of said objective questions to a plurality of elements of an organizational safeguard;
  - determine based on said answers a risk rating for a threat origin of a cyber-attack;
  - determine based on said answers a strength rating for said organizational safeguard against said threat origin, wherein said elements of said organizational safeguard collectively determine said strength rating of said organizational safeguard;
  - compare said risk rating of said threat origin to said strength rating of said organizational safeguard;
  - determine based on said comparison the cyber readiness rating of said organizational safeguard from said cyber-attack by said threat origin; and
  - present the cyber readiness rating of said organizational safeguard,
- wherein determining of said strength rating of said organizational safeguard comprises:
  - determining a strength rating for a first element of said organizational safeguard based on at least one of said answers,
  - determining a strength rating for a second element of said organizational safeguard based on at least one of said answers, and
  - determining a strength rating for a third element of said organizational safeguard based on said strength rating of said first element and said strength rating of said second element.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A non-transitory computer-readable medium tangibly storing computer program instructions which when executed by a processor, causes the processor to:
- present a plurality of objective questions to a user, wherein each of the objective questions has one or more pre-defined answers to be selected by said user;
- receive answers to said plurality of objective questions from said user;
- correlate one or more of said objective questions to a plurality of elements of an organizational safeguard;
- determine based on said answers a risk rating for a threat origin of a cyber-attack;
- determine based on said answers a strength rating for said organizational safeguard against said threat origin, wherein said elements of said organizational safeguard collectively determine said strength rating of said organizational safeguard;
- compare the risk rating of said threat origin to said strength rating of said organizational safeguard;
- determine based on said comparison a cyber readiness rating of said organizational safeguard from said cyber-attack by said threat origin; and
- present the cyber readiness rating of the organizational safeguard,
- wherein determining of said strength rating of said organizational safeguard comprises:
  - determining a strength rating for a first element of said organizational safeguard based on at least one of said answers,
  - determining a strength rating for a second element of said organizational safeguard based on at least one of said answers, and
  - determining a strength rating for a third element of said organizational safeguard based on said strength rating of said first element and said strength rating of said second element.

Dependent claims: 27
Specification