US 11,902,294 B2
Using human factors when calculating a risk score
Raffael Marty, Austin, TX (US); and Nicolas Christian Fischbach, Uitikon (CH)
Assigned to Forcepoint LLC, Austin, TX (US)
Filed by Forcepoint, LLC, Austin, TX (US)
Filed on Dec. 31, 2020, as Appl. No. 17/139,051.
Application 17/139,051 is a continuation of application No. 16/557,560, filed on Aug. 30, 2019, granted, now 10,999,296.
Application 16/557,560 is a continuation in part of application No. 16/415,726, filed on May 17, 2019, granted, now 10,834,097, issued on Nov. 10, 2020.
Application 16/557,560 is a continuation in part of application No. 17/139,051.
Application 17/139,051 is a continuation in part of application No. 16/162,655, filed on Oct. 17, 2018, granted, now 10,530,786, issued on Jan. 7, 2020.
Application 16/162,655 is a continuation of application No. 15/963,729, filed on Apr. 26, 2018, granted, now 10,129,269, issued on Nov. 13, 2018.
Application 15/963,729 is a continuation in part of application No. 15/878,898, filed on Jan. 24, 2018, granted, now 10,063,568, issued on Aug. 28, 2018.
Application 15/878,898 is a continuation of application No. 15/720,788, filed on Sep. 29, 2017, granted, now 9,882,918, issued on Jan. 30, 2018.
Claims priority of provisional application 63/119,116, filed on Nov. 30, 2020.
Claims priority of provisional application 63/107,320, filed on Oct. 29, 2020.
Claims priority of provisional application 63/017,400, filed on Apr. 29, 2020.
Claims priority of provisional application 62/964,372, filed on Jan. 22, 2020.
Claims priority of provisional application 62/839,060, filed on Apr. 26, 2019.
Claims priority of provisional application 62/506,300, filed on May 15, 2017.
Prior Publication US 2021/0152568 A1, May 20, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/56 (2013.01); G06F 21/57 (2013.01); H04L 67/306 (2022.01)
CPC H04L 63/14 (2013.01) [G06F 21/566 (2013.01); G06F 21/577 (2013.01); H04L 63/102 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/205 (2013.01); H04L 67/306 (2013.01); G06F 2221/034 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A computer-implementable method for performing a security operation, comprising:
monitoring an entity, the monitoring observing at least one electronically-observable data source;
deriving an observable based upon the monitoring of the electronically-observable data source;
associating human factors with the entity, the human factors comprising a cardinal trait, an emotional stressor and an organizational dynamic, the cardinal trait comprising a representation of a particular enduring behavioral pattern corresponding to the entity that is persisted over a time period, the emotional stressor comprising a contextual modifier, the contextual modifier providing context when analyzing security related activity, the organizational dynamic comprising an electronically-observable event occurring within an organization having an operational influence on a behavior of the entity, the organizational dynamic comprising one or more of a security practice organizational dynamic, a communication issue organizational dynamic, a management system organizational dynamic, and a work planning and control organizational dynamic;
identifying an event of analytic utility, the event of analytic utility being derived from the observable from the electronic data source;
analyzing the event of analytic utility, the analyzing the event of analytic utility using the human factors associated with the entity enacting the event of analytic utility;
generating a risk score in response to the analyzing, the generating the risk score using the human factors associated with the entity; and,
performing the security operation when the risk score meets a security risk parameter, the security operation comprising a human factor risk operation, the human factor risk operation being performed by a security analytics system executing on a hardware processor.