| CPC H04L 63/1433 (2013.01) [H04L 63/1416 (2013.01); H04L 63/1425 (2013.01)] | 20 Claims |
|
1. A method for modeling control strength of network nodes of a network, comprising the steps of:
receiving a network graph having a plurality of nodes;
receiving, for each respective node of the plurality of nodes:
a risk and requirement design (RRD) rating corresponding to how well a set of controls within the respective node covers at least one risk for the respective node,
a scope of coverage (SoC) rating corresponding to how well the set of controls within the respective node covers an intended scope of the respective node,
a process and control design (PCD) rating corresponding to how well the set of controls within the respective node is designed, and
a definition weight (Def Weight) corresponding to the RRD, a scope weight (Scope Weight) corresponding to the SoC rating, and a design weight (Design Weight) corresponding to the PCD rating;
determining a leveling factor according to a maximum possible score of the RRD rating, the SoC rating, and the PCD rating;
calculating a design and implementation (DIS) score for each of the plurality of nodes according to:
 and
causing a risk mitigation process to be performed on at least one of the plurality of nodes based, in part, on DIS.
|