Mock attack cybersecurity training system and methods
First Claim
Patent Images
1. A computer-implemented method of providing cybersecurity training to a user of an electronic device, comprising:
- by one or more processors;
accessing identifying information relating to an electronic device,selecting a mock attack situation that corresponds to the electronic device, andcausing the mock attack situation to be delivered to a user of the electronic device via the electronic device in the user'"'"'s regular context of use of the electronic device;
by a sensor, sensing an action of the user in a response to the mock attack situation; and
by the one or more processors;
receiving an identification of the sensed action from the sensor,using the sensed action to determine whether the user should receive a training intervention, anddetermining that the user should receive a training intervention, and in response selecting a training intervention from a set of at least one training intervention and delivering the selected training intervention to the user.
9 Assignments
0 Petitions
Accused Products
Abstract
A training system senses a user action that may expose the user to a threat, such as a cybersecurity threat. The user action may be in response to a mock attack delivered via a messaging service, a wireless communication service, a fake malware application or another device, service, system or mechanism. The system selects a training action from a collection of available training actions and causes the training action to be delivered to the user.
113 Citations
27 Claims
-
1. A computer-implemented method of providing cybersecurity training to a user of an electronic device, comprising:
-
by one or more processors; accessing identifying information relating to an electronic device, selecting a mock attack situation that corresponds to the electronic device, and causing the mock attack situation to be delivered to a user of the electronic device via the electronic device in the user'"'"'s regular context of use of the electronic device; by a sensor, sensing an action of the user in a response to the mock attack situation; and by the one or more processors; receiving an identification of the sensed action from the sensor, using the sensed action to determine whether the user should receive a training intervention, and determining that the user should receive a training intervention, and in response selecting a training intervention from a set of at least one training intervention and delivering the selected training intervention to the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method of providing cybersecurity training to a user, comprising:
-
by one or more processors; selecting a mock attack situation for a user, wherein the mock attack situation comprises a mock attack other than a mock phishing email, obtaining contact information necessary to deploy the mock attack situation to the user, and using the contact information to cause the mock attack situation to be deployed to the user in the user'"'"'s regular context of use of a service or device; by a sensor, sensing an action of the user in a response to the mock attack situation; and by the one or more processors; using the sensed action to determine whether the user should receive a training intervention, and determining that the user should receive a training intervention, and in response selecting a training intervention and delivering the selected training intervention to the user. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-implemented method of providing cybersecurity training to a user, comprising, by one or more processors:
-
sensing, by a sensor, identifying information associated with an electronic device; using the identifying information to determine an area where a user of the electronic device is likely to be; selecting a mock attack situation for the user, wherein the mock attack situation requires the user to be within a vicinity of the area to receive the mock attack situation; causing the mock attack situation to be deployed in the area; after the user comes within the vicinity of the area, sensing an action of the user in response to the mock attack situation; determining whether the user should receive a training intervention and, if so, selecting a relevant training intervention from a set of one or more training interventions; and delivering the selected training intervention to the user. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
-
27. A computer-implemented method of providing cybersecurity training to a user, comprising:
-
by a sensor, monitoring physical location information of a user of an electronic device during the user'"'"'s regular context of use of the electronic device; by one or more processors; accessing identifying information for the user, selecting a mock attack situation based on the accessed identifying information, selecting a physical location where the user is likely to be based on the monitored physical location information, and causing the mock attack situation to be delivered to the user at the selected physical location; by the sensor, sensing an action of the user in response to the mock attack situation; and by the one or more processors; using the sensed action to determine whether the user should receive a training intervention, and determining that the user should receive a training intervention, and in response selecting a training intervention from a set of at least one training intervention and delivering the selected training intervention to the user.
-
Specification