Abstract: System and method for electronic risk and remediation analysis using network monitored sensors and actionable feedback methodologies for operational resilience. Various embodiments of the present technology include methods of assessing digital risks posed to a computer network of an entity that may result in a digital risk event, or privacy incident. The network includes information and technology assets that are subject to one or more security risk policies. In some exemplary embodiments, the method includes receiving a set of variables that are indicative of attributes of an infrastructure of an entity, including one or more information assets and or technology assets utilized by the entity. Some embodiments involve using computer agents deployed and configured to monitor network data transmitted via public networks, to private networks and collect continual or periodic data that is related to security information.

Abstract: System and method for extracting and combining electronic risk information for business continuity management with actionable feedback methodologies. An example system includes computer agents deployed and configured to collect electronic threat and security information from publicly accessible information and to monitor network data transmitted via public networks, to private networks. An activity predictor extrapolates future electronic threat event frequency from observed electronic threat data and collected security information and uses polynomial regression to create distributions from threat activity prediction. Loss values are quantified for given network configurations and compared with values resulting from simulated changes to configurations or parameters, providing inputs for business continuity and pricing of risk transfer for an entity with given configurations of private network assets.

Abstract: Apparatus for assessing threat to at least one computer network in which a plurality of systems (301, 302, 303, 304, 305, . . . 30n) operate is configured to determine predicted threat activity (13), to determine expected downtime of each system in dependence upon said predicted threat activity, to determine loss (12A, 12B, 12C, 12D, 12E, . . . , 12m) for each of a plurality of operational processes (31A, 31B, 31C, 31D, 31E, . . . 31m dependent on the downtimes of the systems, to add losses for the plurality of processes so as to obtain a combined loss (12SUM) arising from the threat activity.

Abstract: Systems and methods for electronic network threat analysis and remediation using network monitored sensors are provided herein. An example system includes one or more network devices deployed within a network or networks to collect entity information and to monitor network data and traffic of the network or networks that is related to security information. The network or networks include computing systems that are subject to a security risk policy having breach parameters defining one or more events that are indicative of an electronic threat. A threat analyser and threat assessment system are used to automatically detect occurrence of one or more of the events that are indicative of an electronic threat, automatically determine the breach parameters that apply for the one or more events that occurred, and generates a remediation of network security device security parameters for the network or networks based upon predicted losses arising from observed electronic threats.

Abstract: Methods, systems and apparatus, including computer programs encoded on a computer storage medium, for assessing and managing cyber threats. In some implementations, data specifying relationships between I.T. system infrastructures, system categories, operational processes, computer-based threats and mitigation actions is received. A plurality of simulations are performed using a Monte Carlo method, with each simulation involving propagating data through stochastic modeling for a given time window having a beginning and end. Outcomes of the plurality of simulations that include mitigating actions representing the threat mitigation measures of the organization, for a given time window, determine a measure of impact of cyber threats to the organization. The determined measure is provided for output to a user.

Abstract: Apparatus for assessing threat to at least one computer network in which a plurality of systems (301, 302, 303, 304, 305, . . . 30n) operate is configured to determine predicted threat activity (13), to determine expected downtime of each system in dependence upon said predicted threat activity, to determine loss (12A, 12B, 12C, 12D, 12E, . . . , 12m) for each of a plurality of operational processes (31A, 31B, 31C, 31D, 31E, . . . 31m dependent on the downtimes of the systems, to add losses for the plurality of processes so as to obtain a combined loss (12SUM) arising from the threat activity.

Abstract: Methods, systems and apparatus, including computer programs encoded on a computer storage medium, for assessing and managing cyber threats. In some implementations, data specifying relationships between I.T. system infrastructures, system categories, operational processes, computer-based threats and mitigation actions is received. A plurality of simulations are performed using a Monte Carlo method, with each simulation involving propagating data through stochastic modeling for a given time window having a beginning and end. Outcomes of the plurality of simulations that include mitigating actions representing the threat mitigation measures of the organization, for a given time window, determine a measure of impact of cyber threats to the organization. The determined measure is provided for output to a user.

Abstract: Apparatus and method for assessing financial loss posed by cyber threats capable of affecting at least one computer network in which a plurality of systems operate based on statistical modelling of cyber threat events to determine predicted threat activity, to determine expected downtime of each system in dependence upon said predicted cyber threat activity, to determine financial loss for each of a plurality of operational processes dependent upon the downtimes of the systems, to add financial losses for the plurality of processes so as to obtain a combined financial loss arising from the cyber threat activity, to determine pricing of insurance, to determine cost benefit analysis of computer network security upgrades.

Abstract: Apparatus configured to determine predicted threat activity based on stochastic modelling of threat events capable of affecting at least one computer network in which a plurality of systems operate.

Abstract: Apparatus for assessing threat to at least one computer network in which a plurality of systems (301, 302, 303, 304, 305, . . . 30n) operate is configured to determine predicted threat activity (13), to determine expected downtime of each system in dependence upon said predicted threat activity, to determine loss (12A, 12B, 12C, 12D, 12E, . . . , 12m) for each of a plurality of operational processes (31A, 31B, 31C, 31D, 31E, . . . 31m dependent on the downtimes of the systems, to add losses for the plurality of processes so as to obtain a combined loss (12SUM) arising from the threat activity.

Abstract: Apparatus configured to determine predicted threat activity based on stochastic modelling of threat events capable of affecting at least one computer network in which a plurality of systems operate.