CPC H04L 63/1433 (2013.01) [G06F 16/24578 (2019.01); G06F 16/288 (2019.01); G06F 16/9024 (2019.01); G06F 21/577 (2013.01); H04L 63/1408 (2013.01); G06F 17/18 (2013.01); G06F 2221/034 (2013.01)] | 23 Claims |
1. A computer-implemented method for quantifying correlated risk in a network of a plurality of assets having at least one dependency, each asset belonging to at least one entity, the method comprising:
executing a plurality of Monte Carlo simulations over a dependency graph that is based on relationships between the plurality of assets, the at least one dependency, and the at least one entity, wherein each of the plurality of Monte Carlo simulations executes by:
generating a seed event in the dependency graph, the seed event having a probability distribution; and
propagating disruption through the dependency graph based on the seed event; and
terminating the respective Monte Carlo simulation when a threshold amount of loss is aggregated among two or more assets of the plurality of assets affected by the disruption is exceeded;
assessing, based on the plurality of Monte Carlo simulations, a loss for each asset of the plurality of assets; and
aggregating the losses for the two or more assets of the plurality of assets to determine correlated risk in the network,
wherein the dependency graph comprises (i) a plurality of edges representing the relationships between the plurality of assets, the at least one dependency, and the at least one entity and (ii) a plurality of nodes representing the plurality of assets, the at least one dependency, and the at least one entity, and
wherein each edge has a conditional probability that the asset on a receiving node of a particular edge, of the plurality of edges, is compromised given that a providing node, of the plurality of nodes, is compromised.
|