NormShield, Inc. (20240273214). ARTIFICIAL-INTELLIGENCE-BASED SYSTEM AND METHOD FOR QUESTIONNAIRE / SECURITY POLICY CROSS-CORRELATION AND COMPLIANCE LEVEL ESTIMATION FOR CYBER RISK ASSESSMENTS simplified abstract

From WikiPatents
Jump to navigation Jump to search

ARTIFICIAL-INTELLIGENCE-BASED SYSTEM AND METHOD FOR QUESTIONNAIRE / SECURITY POLICY CROSS-CORRELATION AND COMPLIANCE LEVEL ESTIMATION FOR CYBER RISK ASSESSMENTS

Organization Name

NormShield, Inc.

Inventor(s)

Candan Bolukbas of Stone Ridge VA (US)

Muzeyyen Gokcen Arslan Tapkan of Istanbul (TR)

Gulsum Budakoglu of Kecioren Ankara (TR)

Ferhat Dikbiyik of Hopkinton MA (US)

Robert Maley of Chandler AZ (US)

ARTIFICIAL-INTELLIGENCE-BASED SYSTEM AND METHOD FOR QUESTIONNAIRE / SECURITY POLICY CROSS-CORRELATION AND COMPLIANCE LEVEL ESTIMATION FOR CYBER RISK ASSESSMENTS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240273214 titled 'ARTIFICIAL-INTELLIGENCE-BASED SYSTEM AND METHOD FOR QUESTIONNAIRE / SECURITY POLICY CROSS-CORRELATION AND COMPLIANCE LEVEL ESTIMATION FOR CYBER RISK ASSESSMENTS

The abstract describes a method of cyber risk assessment that involves converting user cybersecurity standards and standard compliance items into numeric arrays, correlating them to generate a compliance item map, discovering a digital footprint of an entity based on its domain name, generating technical findings, computing entity compliance level estimates, and adjusting entity computer processes based on the estimates.

  • Simplified Explanation: The method outlined in the patent application involves assessing cyber risks by converting user and standard cybersecurity standards into numeric arrays, correlating them to create a compliance item map, discovering an entity's digital footprint, generating technical findings, computing compliance level estimates, and adjusting entity computer processes accordingly.
  • Key Features and Innovation:

- Conversion of cybersecurity standards into numeric arrays - Correlation of user and standard compliance items to generate a compliance item map - Discovery of entity digital footprints based on domain names - Generation of technical findings and compliance level estimates - Adjustment of entity computer processes based on compliance level estimates

  • Potential Applications:

- Cybersecurity risk assessment for organizations - Compliance monitoring and enforcement - Security audits and evaluations - Vulnerability assessments - Incident response planning

  • Problems Solved:

- Lack of efficient cyber risk assessment methods - Difficulty in correlating user and standard compliance items - Inadequate visibility into entity digital footprints - Challenges in estimating entity compliance levels - Inefficient adjustment of entity computer processes based on compliance levels

  • Benefits:

- Enhanced cyber risk assessment accuracy - Improved compliance monitoring and enforcement - Better visibility into entity digital footprints - More accurate estimation of entity compliance levels - Efficient adjustment of entity computer processes

  • Commercial Applications:

- "Enhanced Cyber Risk Assessment Method for Organizations: Improving Compliance Monitoring and Enforcement"

  • Prior Art:

- Researchers can explore prior art related to cyber risk assessment methods, compliance monitoring tools, and digital footprint discovery technologies.

  • Frequently Updated Research:

- Researchers can stay updated on advancements in cyber risk assessment methodologies, compliance monitoring tools, and digital footprint discovery techniques.

Questions about Cyber Risk Assessment: 1. How does the method outlined in the patent application improve upon existing cyber risk assessment techniques? 2. What are the key advantages of converting cybersecurity standards into numeric arrays for risk assessment purposes?


Original Abstract Submitted

a method of cyber risk assessment includes uploading a user cybersecurity standard comprising a user compliance item represented by text and converting the text to a numeric array to generate an embedded user compliance item. a standard compliance item represented by text is retrieved from a standard database. the text to a numeric array is converted to generate an embedded standard compliance item. the embedded user compliance item and the embedded standard compliance item are correlated to generate a compliance item map. a digital footprint of an entity based on an associated domain name is discovered using non-intrusive information gathering. an entity technical finding is generated based on the discovered digital footprint of the entity and a control item. an entity compliance level estimate is computed. a computer process of the entity is then adjusted based on the computed entity compliance level estimate.

Retrieved from "http://wikipatents.org/index.php?title=NormShield,_Inc._(20240273214)._ARTIFICIAL-INTELLIGENCE-BASED_SYSTEM_AND_METHOD_FOR_QUESTIONNAIRE_/_SECURITY_POLICY_CROSS-CORRELATION_AND_COMPLIANCE_LEVEL_ESTIMATION_FOR_CYBER_RISK_ASSESSMENTS_simplified_abstract&oldid=215728"