CPC H04L 63/1433 (2013.01) [G06Q 10/0635 (2013.01); H04L 9/0643 (2013.01); H04L 61/4511 (2022.05); H04L 63/1441 (2013.01)] | 7 Claims |
1. A method, comprising:
receiving information associated with a digital risk;
retrieving data based on the information associated with the digital risk, the data including: (i) a business value of an asset related to the digital risk; (ii) an attribute of an entity affected by the digital risk; and (iii) nature and confidence information associated with detection of the digital risk; and
calculating, using a processor, a risk score based on the retrieved data, calculating the risk score including:
calculating a risk likelihood score based on the nature and confidence information associated with the detection of the digital risk;
calculating a risk impact score based on: (i) a likely threat score (LTS) representing a likelihood that a threat associated with the digital risk occurs; and (ii) an asset threat score (ATS) representing a consequence of an occurrence of the threat, wherein calculating the risk impact score includes calculating: risk impact score=ATS×AW+LTS×RIW, wherein AW is an asset weight and RIW is risk impact weight, and wherein calculating the LTS is based on the attribute of the entity affected by the digital risk; and
calculating the risk score based on the risk likelihood score and the risk impact score.
|