Abstract: A method for data breach protection includes identifying data partners of an enterprise and determining data usage policies of the data partners. The data usage policies of the data partners may be monitored and a change in at least one data usage policy of at least one data partner may be detected. A similarity between an original version of the at least one data usage policy and the changed version of the at least one data usage policy may be determined. Results of the determined similarity may be displayed.

Abstract: A method for telemetry analysis of a digital twin includes analyzing network traffic sent or received by a host network. Entities exchanging data with the host network are identified. A plurality of applications within the host network used for sending or receiving the exchanged data may be identified. A digital twin of the host network is developed based upon the identified entities exchanging data with the host network and the applications within the host network used for sending or receiving the exchanged data. Stimuli may be applied to the digital twin, and the likelihood of a change in state within the host network is assessed based upon the applied stimuli.

Abstract: A method predicting risk includes identifying data partners associated with the enterprise and generating a computer readable model of the enterprise including representations of digital and physical assets, and data partners. Risk analysis algorithms may be applied to the computer readable model. A risk model associated with risk analysis may be generated, using the computer readable model, and results of the risk model may be displayed at a user interface.

Abstract: A method for data breach protection includes analyzing network traffic of an enterprise. Uniform Resource Locators (URLs) included in the network traffic may be identified. The URLs may be classified into a bipartite graph. Classification sets of the bipartite graph may be established and displayed. In response to displaying the classification sets, an instruction related to management of the network traffic may be received and/or executed.