Diversity Analysis with Actionable Feedback Methodologies
First Claim
1. A method, comprising:
- assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements;
automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy;
automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk;
providing one or more recommended computer network changes to reduce the assessed risk, enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity;
determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure in the computer network of the entity based on the enacted recommended computer network changes; and
dynamically re-determining, based on the reassessed risk of a cyber security failure in the computer network of the entity, the change or the setting to the at least one element of policy criteria of the cyber security policy.
5 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the present technology include methods of assessing risk of a cyber security failure in a computer network of an entity. Various embodiments also include automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy, automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk, and providing one or more recommended computer network changes to reduce the assessed risk. Various embodiments further include enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity, determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure based on the enacted recommended computer network changes.
129 Citations
27 Claims
-
1. A method, comprising:
-
assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements; automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk; providing one or more recommended computer network changes to reduce the assessed risk, enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity; determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure in the computer network of the entity based on the enacted recommended computer network changes; and dynamically re-determining, based on the reassessed risk of a cyber security failure in the computer network of the entity, the change or the setting to the at least one element of policy criteria of the cyber security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A system, comprising:
-
a processor; and a memory communicatively coupled with the processor, the memory storing instructions which when executed by the processor performs a method comprising; assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements; automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk; providing one or more recommended computer network changes to reduce the assessed risk, enactment by the entity of at least one of the one or more of the recommended computer network changes to reduce the assessed risk to the entity; determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure in the computer network of the entity based on the enacted recommended computer network changes; and dynamically re-determining, based on the reassessed risk of a cyber security failure in the computer network of the entity, the change or the setting to the at least one element of policy criteria of the cyber security policy.
-
-
27. A method, comprising:
-
receiving an assessment of risk of a cyber security failure in a computer network of an entity from a computer agent configured to collect information from at least publicly accessible Internet elements; automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; automatically recommending, based on the assessed risk, computer network changes to reduce the assessed risk; providing one or more recommended computer network changes to reduce the assessed risk, enactment by the entity of at least one or more of the recommended computer network changes to reduce the assessed risk to the entity; determining that the entity has enacted at least a portion of the recommended computer network changes, and in response, automatically reassessing the risk of a cyber security failure in the computer network of the entity based on the enacted recommended computer network changes; and dynamically re-determining, based on the reassessed risk of a cyber security failure in the computer network of the entity, the change or the setting to the at least one element of policy criteria of the cyber security policy.
-
Specification