Patent Issued for System And Method For Assessing Cybersecurity Risk Of Computer Network (USPTO 10,904,282)
2021 FEB 05 (NewsRx) -- By a
The patent’s assignee for patent number 10,904,282 is
News editors obtained the following quote from the background information supplied by the inventors: “Today insurance carriers underwrite risks of a prospect who is deciding whether to purchase cyber insurance, and, if so, how much to purchase and what coverages to get. Conventionally, this method of underwriting is manual in nature and relies upon the prospective Policyholder providing an accurate picture of their true cyber risk. From this input, the insurance carrier tries to determine effectively the level of risk and associated pricing and coverages that can be offered. Once the insurance carrier underwrites and prices the insured, through the broker, the insured makes a decision and buys the particular coverage and the policy then binds and is in place, typically for twelve months. The insurance carrier has had the risk transferred to its accounts, and over the time period of the policy has no insight into the insured’s cybersecurity posture, unless a claim is made. Meanwhile, new cyber exposures are discovered on a daily basis, and thus cyber risk levels are also constantly changing. This leaves the insurance carrier exposed to a potentially higher level of risk than what was determined at the time of underwriting, or even some previously unknown risk, throughout the pendency of the policy period.
“There is a continued need in the art to provide additional solutions to help protect a computer network from cyber attacks and to evaluate its susceptibility to such attacks. For example, there is a continued need for techniques for improving the ability to assess the cybersecurity risks associated with a given network on an ongoing basis.
“It will be appreciated that this background description has been created by the inventors to aid the reader, and is not to be taken as an indication that any of the indicated problems were themselves appreciated in the art. While the described principles can, in some respects and embodiments, alleviate the problems inherent in other systems, it will be appreciated that the scope of the protected innovation is defined by the attached claims, and not by the ability of any disclosed feature to solve any specific problem noted herein.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Aspects of this disclosure are directed to systems, methods, and computer program products for assessing cybersecurity risk of an operating computer network over time. Computer-implemented architecture can include a non-transitory computer-readable medium containing a cybersecurity risk program constructed to periodically determine a value of a cybersecurity risk parameter on a scale where the value is indicative of the cybersecurity risk level of the computer network.
“In one aspect, an embodiment of a system for assessing cybersecurity risk of a computer network includes a non-transitory computer-readable medium having a cybersecurity risk program, a cybersecurity processor in operable arrangement with the computer-readable medium, a data storage device in operable arrangement with the cybersecurity processor, and a web-enabled interface communicatively arranged with the cybersecurity processor to exchange information with a client portal. The cybersecurity processor is configured to execute the cybersecurity risk program contained on the computer-readable medium. The data storage device includes a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time. The web-enabled interface is in communicating relationship with the cybersecurity processor and the data storage device to exchange information with a client portal.
“The cybersecurity risk program includes a cyber risk calculation module and a display module. The cyber risk calculation module is configured to receive input data associated with the computer network at a second time. The second time is different from the first time. The input data corresponds to operational characteristics of the computer network at the second time. The cyber risk calculation module is configured to analyze operational characteristics of the computer network at the second time using a risk model to determine a second value of the cybersecurity risk parameter at the second time. The risk model includes a number of data fields configured to determine a value on the scale indicative of the cybersecurity risk level of the computer network. At least one operational characteristic of the computer network from the input data is used in at least one data field of the risk model. The display module is configured to transmit the second value of the cybersecurity risk parameter at the second time via the web-enabled interface to the client portal for display in a graphical user interface.
“In another aspect, an embodiment of a method of assessing cybersecurity risk of a computer network, which has a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time, includes employing a processor to execute a cybersecurity risk program having computer-executable instructions stored on a non-transitory computer-readable medium. The cybersecurity risk program causes the processor to perform a number of steps.
“Input data associated with the computer network is received at a second time. The second time is different from the first time. The input data corresponds to operational characteristics of the computer network at the second time.
“The operational characteristics of the computer network are analyzed using a risk model to determine a second value of the cybersecurity risk parameter at the second time. The risk model includes a number of data fields configured to determine a value on the scale indicative of the cybersecurity risk level of the computer network. At least one operational characteristic of the computer network from the input data is used in at least one data field of the risk model.
“The second value of the cybersecurity risk parameter at the second time is transmitted to a client portal for display in a graphical user interface.
“In another embodiment, a method of monitoring cybersecurity risk of a computer network, which has a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time, includes actively monitoring the computer network via a cybersecurity system installed within the computer network. The cybersecurity system is configured to generate operational data relating to the computer network at a second time which is different from the first time.
“A processor is employed to execute a cybersecurity risk program including computer-executable instructions stored on a non-transitory computer-readable medium causing the processor to perform steps. The operational data of the computer network is analyzed to determine input data corresponding to operational characteristics of the computer network. The input data is transmitted to a risk model configured to determine a second value of the cybersecurity risk parameter at the second time. The risk model includes a number of data fields configured to determine a value on a scale indicative of the cybersecurity risk level of the computer network. At least one operational characteristic of the computer network from the input data is used in at least one data field of the risk model.
“As will be appreciated, the systems, methods, and computer program products disclosed herein are capable of being carried out in other and different embodiments and capable of being modified in various respects. Accordingly, it is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and do not restrict the scope of the appended claims.”
The claims supplied by the inventors are:
“What is claimed is:
“1. A method of assessing cybersecurity risk of a computer network, the computer network having a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time, the method comprising: employing a processor to execute a cybersecurity risk program including computer-executable instructions stored on a non-transitory computer-readable medium causing the processor to perform steps including: receiving input data associated with the computer network at a second time, the second time being different from the first time, the input data corresponding to operational characteristics of the computer network at the second time, analyzing the operational characteristics of the computer network using a risk model to determine a second value of the cybersecurity risk parameter at the second time, the risk model including a number of data fields configured to determine a value on the scale indicative of the cybersecurity risk level of the computer network, at least one operational characteristic of the computer network from the input data being used in at least one data field of the risk model, and transmitting the second value of the cybersecurity risk parameter at the second time to a client portal for display in a graphical user interface; wherein the input data associated with the computer network at the second time is received via an application program interface (API) connected to a cybersecurity system installed within the computer network, and wherein the input data received via the API is generated by polling logs of the cybersecurity system within the computer network to produce the input data in a form that does not contain data produced within the computer network.
“2. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor to perform further steps including: receiving input data associated with, and corresponding to operational characteristics of, the computer network at a third time, the third time being different from both the first time and the second time, analyzing the operational characteristics of the computer network at the third time using the risk model to determine a third value of the cybersecurity risk parameter at the third time, generating risk score trend data of the computer network based upon at least two of the first value, the second value, and the third value, and transmitting the risk score trend data to the client portal for display in the graphical user interface.
“3. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor, in response to receiving a forecast request from the client portal for at least one of a set of cybersecurity controls not present within the computer network, to analyze the operational characteristics of the computer network at the second time modified by assuming said at least one of the set of cybersecurity controls not present within the computer network is implemented in the computer network using the risk model to determine a forecasted value of the cybersecurity risk parameter and to transmit the forecasted value of the cybersecurity risk parameter to the client portal for display in the graphical user interface.
“4. The method of claim 1, wherein the risk model includes a threat likelihood module, a business impact module, and a control effectiveness module, and wherein the operational characteristics of the computer network are analyzed using the risk model to determine a residual risk score, the residual risk score being based upon a control effectiveness value from the control effectiveness module being deducted from a product of a threat likelihood value from the threat likelihood module and a business impact value from the business impact module.
“5. The method of claim 4, wherein the business impact module calculates the business impact value based upon asset data associated with an operational configuration of the computer network.
“6. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor to monitor the data feed from the cybersecurity system installed within the computer network for a valid threat alert, and, in response to receiving the valid threat alert, transmitting an alert message to the client portal for display in the graphical user interface.
“7. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor to monitor the data feed from the cybersecurity system installed within the computer network for a valid threat alert, and, in response to receiving the valid threat alert, to actively modify the computer network by implementing a protective measure configured to reduce the threat.
“8. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor, in response to receiving an alert input concerning a cybersecurity threat, to transmit a threat alert message concerning the cybersecurity threat to the client portal for display in the graphical user interface independent of whether the cybersecurity threat is detected within the computer network.
“9. The method of claim 1, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor to select a cybersecurity control from a set of cybersecurity controls not present within the computer network, the selected cybersecurity control determined by calculating a relative effectiveness value for each of the set of cybersecurity controls and identifying the highest relative effectiveness value and to transmit data concerning the selected cybersecurity control to the client portal for display in the graphical user interface.
“10. The method of claim 9, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor, in response to receiving a forecast request from the client portal for at least one of the set of cybersecurity controls not present within the computer network, to analyze the operational characteristics of the computer network at the second time as modified by assuming said at least one of the set of cybersecurity controls not present within the computer network is implemented in the computer network using the risk model to determine a forecasted value of the cybersecurity risk parameter and to transmit the forecasted value of the cybersecurity risk parameter to the client portal for display in the graphical user interface.
“11. The method of claim 1, wherein the input data comprise a yes or no value for a data field of the risk model.
“12. A system for assessing cybersecurity risk of a computer network, the system comprising: a non-transitory computer-readable medium including a cybersecurity risk program; a cybersecurity processor in operable arrangement with the computer-readable medium, the cybersecurity processor configured to execute the cybersecurity risk program contained on the computer-readable medium; and a data storage device in operable arrangement with the cybersecurity processor, the data storage device including a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time; a web-enabled interface in communicative relationship with the cybersecurity processor and the data storage device to exchange information with a client portal; an application program interface (API) interconnected between the cybersecurity processor and a cybersecurity system installed within the computer network, the API being configured to direct input data associated with the computer network from the computer network to the cybersecurity processor, the API being configured to transmit input data to the cybersecurity processor in a form that does not contain data produced within the computer network; wherein the cybersecurity risk program includes a cyber risk calculation module and a display module, the cyber risk calculation module configured to receive via the API input data associated with the computer network at a second time, the second time being different from the first time, the input data corresponding to operational characteristics of the computer network at the second time, and to analyze operational characteristics of the computer network at the second time using a risk model to determine a second value of the cybersecurity risk parameter at the second time, the risk model including a number of data fields configured to determine a value on the scale indicative of the cybersecurity risk level of the computer network, at least one operational characteristic of the computer network from the input data being used in at least one data field of the risk model, and the display module configured to transmit the second value of the cybersecurity risk parameter at the second time via the web-enabled interface to the client portal for display in a graphical user interface.
“13. The system of claim 12, wherein the cybersecurity risk program further includes a forecast module, the forecast module configured, in response to receiving a forecast request from the client portal via the web-enabled interface for at least one of a set of cybersecurity controls not present within the computer network, to analyze the operational characteristics of the computer network at the second time modified by assuming said at least one of the set of cybersecurity controls not present within the computer network is implemented in the computer network using the risk model to determine a forecasted value of the cybersecurity risk parameter, and wherein the display module is configured to transmit the forecasted value of the cybersecurity risk parameter via the web-enabled interface to the client portal for display in the graphical user interface.
“14. The system of claim 12, wherein the risk model includes a threat likelihood module, a business impact module, and a control effectiveness module, and wherein the cyber risk calculation module is configured to analyze the operational characteristics of the computer network using the risk model to determine a residual risk score, the residual risk score being based upon a control effectiveness value from the control effectiveness module being deducted from a product of a threat likelihood value from the threat likelihood module and a business impact value from the business impact module, and wherein the display module is configured to transmit the residual risk score via the web-enabled interface to the client portal for display in the graphical user interface.
“15. The system of claim 14, wherein the business impact module calculates the business impact value based upon asset data from the data storage device, the asset data associated with an operational configuration of the computer network.
“16. The system of claim 12, wherein the cybersecurity risk program further includes a monitoring module, the monitoring module configured to monitor a data feed received from a cybersecurity system installed within the computer network for a valid threat alert, and wherein the display module is configured, in response to the monitoring module receiving the valid threat alert, to transmit an alert message via the web-enabled interface to the client portal for display in the graphical user interface.
“17. The system of claim 12, wherein the cybersecurity risk program further includes a monitoring module, the monitoring module configured to monitor a data feed received from a cybersecurity system installed within the computer network for a valid threat alert, and, in response to receiving the valid threat alert, to actively modify the computer network by implementing a protective measure configured to reduce the threat.
“18. The system of claim 12, wherein the cybersecurity risk program further includes a cybersecurity risk reduction module configured to select a cybersecurity control from a set of cybersecurity controls not present within the computer network, the selected cybersecurity control determined by calculating a relative effectiveness value for each of the set of cybersecurity controls and identifying the highest relative effectiveness value, and wherein the display module is configured to transmit data concerning the selected cybersecurity control via the web-enabled interface to the client portal for display in the graphical user interface.
“19. A method of monitoring cybersecurity risk of a computer network, the computer network having a cybersecurity risk parameter with a first value on a scale indicative of a cybersecurity risk level of the computer network at a first time, the method comprising: actively monitoring the computer network via a cybersecurity system installed within the computer network, the cybersecurity system configured to generate operational data relating to the computer network at a second time, the second time being different from the first time; employing a processor to execute a cybersecurity risk program including computer-executable instructions stored on a non-transitory computer-readable medium causing the processor to perform steps including: analyzing the operational data of the computer network to determine input data corresponding to operational characteristics of the computer network, transmitting the input data to a risk model configured to determine a second value of the cybersecurity risk parameter at the second time, the risk model including a number of data fields configured to determine a value on a scale indicative of the cybersecurity risk level of the computer network, at least one operational characteristic of the computer network from the input data being used in at least one data field of the risk model; wherein the input data associated with the computer network at the second time is transmitted via an application program interface (API) connected to the cybersecurity system installed within the computer network, and wherein the input data is determined by polling logs of the cybersecurity system within the computer network to produce the input data in a form that does not contain data produced within the computer network.
“20. The method of claim 19, wherein the input data comprises a yes or no value for a data field of the risk model.
“21. The method of claim 19, wherein the computer-executable instructions of the cybersecurity risk program further cause the processor to transmit a data feed from the cybersecurity system installed within the computer network, the data feed configured to be used to determine whether a valid cybersecurity threat pertains to the computer network.”
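The claims above describe the risk model only in the abstract: yes/no data fields derived by polling an in-network security system's logs (claims 1 and 11), a residual risk score equal to threat likelihood times business impact with control effectiveness deducted (claim 4), a forecast that re-runs the model assuming an absent control is in place (claim 3), selection of the absent control with the highest relative effectiveness (claim 9), and trend data across scored snapshots (claim 2). The following Python is an added worked illustration of those claims taken together; it is not code from the patent or its assignee. The specific data fields, weights, the 0 to 100 scale, the sample log format, the asset criticality scores and the clamp that keeps the residual score at or above zero are all assumptions made for this example. Two points worth noticing: only the derived booleans leave the network, never the log lines they were computed from, which is what the "does not contain data produced within the computer network" limitation amounts to in practice; and the claimed formula subtracts a control term from a likelihood-times-impact product, so a model built this way needs a floor or the score can go negative.

```python
"""Added illustration of the claimed risk model (claims 1-4, 9 and 11).

Not the patent's own code. Fields, weights, scale, log format and the
zero clamp on the residual score are assumptions for this example.
"""
import re

# Constructed sample log lines standing in for the in-network cybersecurity
# system's output. The format is assumed.
SAMPLE_LOGS = """\
2021-02-05T10:00:00Z edr agent=wks-017 status=heartbeat_ok
2021-02-05T10:01:12Z auth user=j.doe method=password mfa=none result=success
2021-02-05T10:02:00Z patch host=srv-db-01 missing_critical=3
2021-02-05T10:03:30Z backup job=nightly verified=false
2021-02-05T10:04:00Z fw rule=default action=deny
"""

# Constructed asset data for the business impact module (claim 5):
# hostname -> criticality 1..5. Values assumed.
SAMPLE_ASSETS = {"srv-db-01": 5, "wks-017": 1, "web-01": 3}

# Control effectiveness module: credit each control earns when present.
# The control set and credits are assumed.
CONTROL_CREDIT = {"edr_active": 12, "mfa_enforced": 15,
                  "backups_verified": 10, "default_deny_firewall": 8}

# Threat likelihood module: percentage points added when a field has the
# listed (bad) value, on top of a base rate. Weights are assumed.
BASE_LIKELIHOOD = 20
EXPOSURES = [("critical_patches_missing", True, 30),
             ("mfa_enforced", False, 30),
             ("default_deny_firewall", False, 20)]


def poll_logs(raw_logs: str) -> dict:
    """Reduce polled logs to yes/no data fields (claims 1 and 11).

    Only the booleans are returned for transmission over the API; the raw
    log lines, which are data produced within the network, never leave."""
    fields = {"edr_active": False, "mfa_enforced": True,
              "critical_patches_missing": False, "backups_verified": False,
              "default_deny_firewall": False}
    for line in raw_logs.splitlines():
        if " edr " in line and "status=heartbeat_ok" in line:
            fields["edr_active"] = True
        if " auth " in line and "mfa=none" in line:
            fields["mfa_enforced"] = False          # any unenforced login counts
        m = re.search(r"missing_critical=(\d+)", line)
        if m and int(m.group(1)) > 0:
            fields["critical_patches_missing"] = True
        if " backup " in line and "verified=true" in line:
            fields["backups_verified"] = True
        if " fw " in line and "rule=default action=deny" in line:
            fields["default_deny_firewall"] = True
    return fields


def threat_likelihood(fields: dict) -> int:
    """Likelihood as an integer percentage, capped at 100."""
    pct = BASE_LIKELIHOOD + sum(w for name, bad, w in EXPOSURES if fields[name] == bad)
    return min(pct, 100)


def business_impact(assets: dict) -> int:
    """Impact on a 0..100 scale from asset criticality (claim 5)."""
    return min(sum(assets.values()) * 10, 100)


def control_effectiveness(fields: dict) -> int:
    return sum(credit for name, credit in CONTROL_CREDIT.items() if fields[name])


def residual_risk(fields: dict, assets: dict) -> int:
    """Claim 4: control effectiveness deducted from likelihood x impact.

    Integer percent arithmetic avoids float drift; the max(..., 0) floor is
    an addition, since the claimed subtraction can otherwise go negative."""
    score = threat_likelihood(fields) * business_impact(assets) // 100
    return max(score - control_effectiveness(fields), 0)


def forecast(fields: dict, assets: dict, control: str) -> int:
    """Claim 3: re-score assuming one absent control has been implemented."""
    return residual_risk(dict(fields, **{control: True}), assets)


def best_control(fields: dict, assets: dict):
    """Claim 9: rank absent controls by relative effectiveness, i.e. the drop
    in residual score each would produce, and return the best one."""
    current = residual_risk(fields, assets)
    absent = [c for c in CONTROL_CREDIT if not fields[c]]
    ranked = {c: current - forecast(fields, assets, c) for c in absent}
    return (max(ranked, key=ranked.get) if ranked else None), ranked


def trend(history: list) -> list:
    """Claim 2: per-interval change across at least two (time, score) snapshots."""
    return [(t2, v2 - v1) for (t1, v1), (t2, v2) in zip(history, history[1:])]


if __name__ == "__main__":
    fields = poll_logs(SAMPLE_LOGS)
    now = residual_risk(fields, SAMPLE_ASSETS)
    print("api payload (booleans only):", fields)
    print("residual risk:", now)
    print("recommended control:", best_control(fields, SAMPLE_ASSETS))
    print("trend vs. prior snapshot:", trend([("t1", 60), ("t2", now)]))
```

On the constructed logs the model reports a residual score of 52: likelihood 80 (missing critical patches and an unenforced MFA login) times impact 90, minus 20 for the EDR agent and default-deny firewall that are present. Forecasting MFA enforcement both lowers likelihood and adds control credit, dropping the score to 10, so it outranks verified backups (score 42) as the recommended control. A real deployment would also want the API to authenticate the poller, pin the field schema, and reject any payload value that is not a boolean, so the "derived data only" property is enforced rather than assumed.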
For additional information on this patent, see: Kibler, Philip; Wilson, Daniel; Overton, Martin; Grella, Tracie; Pace, Garin. System And Method For Assessing Cybersecurity Risk Of Computer Network.
(Our reports deliver fact-based news of research and discoveries from around the world.)