CPC G06F 21/577 (2013.01) [G06F 2221/034 (2013.01)]
20 Claims
1. A method of cyber risk assessment, the method comprising:
a) receiving a request for a quantitative cyber risk assessment of an entity associated with a domain name;
b) discovering a digital footprint of the entity based on the domain name using non-intrusive information gathering;
c) determining an entity classification comprising a size and one of industry or country based on the digital footprint;
d) determining an entity technical finding comprising at least one of an asset vulnerability, a threat, a data loss, or a cyber event based on the discovered digital footprint;
e) computing a loss event frequency and a loss magnitude using the entity classification and the entity technical finding;
f) computing a probable financial impact of a cyber risk based on the loss event frequency and on the loss magnitude; and
g) providing recommendations for remediating the cyber risk based on the computed probable financial impact.