SYSTEMS AND METHODS FOR ASSESSING CYBERSECURITY EFFICACY OF ENTITIES AGAINST COMMON CONTROL AND MATURITY FRAMEWORKS USING EXTERNALLY-OBSERVED DATASETS

Organization Name

Inventor(s)

Tiago Bagulho Monteiro Pereira of Lisbon (PT)

SYSTEMS AND METHODS FOR ASSESSING CYBERSECURITY EFFICACY OF ENTITIES AGAINST COMMON CONTROL AND MATURITY FRAMEWORKS USING EXTERNALLY-OBSERVED DATASETS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240045950 titled 'SYSTEMS AND METHODS FOR ASSESSING CYBERSECURITY EFFICACY OF ENTITIES AGAINST COMMON CONTROL AND MATURITY FRAMEWORKS USING EXTERNALLY-OBSERVED DATASETS

Simplified Explanation

The patent application describes a system and method for determining control insights for an entity based on configurable rules. It involves receiving event datasets related to cybersecurity events associated with the entity during a specific time period. These datasets are enriched with indicators mapped to the cybersecurity events. Control insights for the entity are then determined by comparing the enriched event datasets with a set of rules. The rules are defined by a rule type and a subset of indicators provided as input. The control insights indicate the state of cybersecurity control mechanisms for the entity.

The system and method determine control insights for an entity based on configurable rules.
Event datasets related to cybersecurity events associated with the entity are received.
The event datasets are enriched with indicators mapped to the cybersecurity events.
Control insights for the entity are determined by comparing the enriched event datasets with a set of rules.
The rules are defined by a rule type and a subset of indicators provided as input.
The control insights indicate the state of cybersecurity control mechanisms for the entity.

Potential Applications

Cybersecurity management and monitoring systems
Risk assessment and mitigation in cybersecurity
Compliance monitoring and reporting in cybersecurity

Problems Solved

Difficulty in determining the state of cybersecurity control mechanisms for an entity
Inefficient analysis of cybersecurity event datasets
Lack of configurable rules for determining control insights

Benefits

Improved understanding of the state of cybersecurity control mechanisms
Enhanced ability to identify and address cybersecurity risks
Streamlined analysis of cybersecurity event datasets
Customizable rules for determining control insights

Original Abstract Submitted

systems and methods are disclosed for determining control insights corresponding to an entity based on configurable rules. event datasets corresponding to a plurality of cybersecurity events associated with an entity during a first time period are received. the event datasets are enriched with a plurality of indicators mapped to the plurality of cybersecurity based on a respective event type corresponding to each of the plurality of cybersecurity events. control insights corresponding to the entity are determined based on a comparison of the one or more enriched event datasets and a plurality of rules. at least one rule is defined by (i) a rule type and (ii) a first subset of the plurality of indicators that is provided as an input to the at least one rule. the control insights each provide an indication of a state of a respective cybersecurity control mechanism corresponding to the entity.

20240045950. SYSTEMS AND METHODS FOR ASSESSING CYBERSECURITY EFFICACY OF ENTITIES AGAINST COMMON CONTROL AND MATURITY FRAMEWORKS USING EXTERNALLY-OBSERVED DATASETS simplified abstract (BitSight Technologies, Inc.)

Contents

SYSTEMS AND METHODS FOR ASSESSING CYBERSECURITY EFFICACY OF ENTITIES AGAINST COMMON CONTROL AND MATURITY FRAMEWORKS USING EXTERNALLY-OBSERVED DATASETS

Organization Name

Inventor(s)