CPC H04L 63/1433 (2013.01) [G16Y 30/10 (2020.01); H04L 63/1408 (2013.01); H04L 63/1425 (2013.01); H04W 4/02 (2013.01)] | 19 Claims |
1. A method for determining and using a cyber risk score for an entity having a plurality of devices on a network, the method comprising:
collecting, by a processing circuit, a first set of data from individual network devices and a second set of data including risk data from an external data source, wherein the external data source is selected from a group consisting of an IoT search engine, a vulnerability management database, a threat intelligent feed, an exploit feed, a social media feed, a bill of material, and a network discovery;
normalizing, by the processing circuit, the first set of data and the second set of data;
correlating, by the processing circuit, the normalized first set of data with the normalized second set of data to determine individual cyber risk scores for the individual network devices;
determining, by the processing circuit, the cyber risk score for the entity by aggregating the individual cyber risk scores for the individual network devices and using the individual cyber risk scores for the individual network devices as inputs to calculate the cyber risk score for the entity; and
using, by the processing circuit, the cyber risk score for the entity or the individual cyber risk scores for the individual network devices to perform an automated action comprising at least one of (i) providing an alert to a user comprising the cyber risk score for the entity or the individual cyber risk scores for the individual network devices, (ii) generating a dashboard comprising the cyber risk score for the entity or a ranked list of the individual network devices based on the individual cyber risk scores for the individual network devices, or (iii) initiating a corrective action responsive to the cyber risk score for the entity or the individual cyber risk scores for the individual network devices.
|