Abstract: A system and method for setting alert thresholds related to cybersecurity ratings of one or more affiliate entities. An example method includes: obtaining entity data including cybersecurity event data for an affiliate entity; calculating a time-series cybersecurity rating for the affiliate entity based on the entity data; associating an alert reporting threshold with the time-series cybersecurity rating, wherein a comparison of the alert reporting threshold to the time-series cybersecurity rating determines a number of alerts reported for the affiliate entity; applying an alternative alert reporting threshold against the time-series cybersecurity rating to determine an alternative number of alerts reported for the affiliate entity; and updating the alert reporting threshold for the time-series cybersecurity rating to the alternative alert reporting threshold.

Abstract: Disclosed herein are computer-implemented methods and systems for forecasting security ratings for an entity. The methods and systems can include generating a plurality of simulated instantiations of a security scenario for the entity, in which the security scenario characterized by a plurality of security events associated with at least one event type. The methods and systems can further include determining a security rating for each instantiation of the plurality of instantiations; and generating a forecast cone based on the determined security ratings for the plurality of instantiations. In some examples, for each event type of the at least one event type, the methods and systems can include determining a rate, duration, and/or temporal placement of the security events associated with the event type over a forecasting period.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.

Abstract: A system and method for setting alert thresholds related to cybersecurity ratings of one or more affiliate entities. An example method includes: obtaining entity data including cybersecurity event data for an affiliate entity; calculating a time-series cybersecurity rating for the affiliate entity based on the entity data; associating an alert reporting threshold with the time-series cybersecurity rating, wherein a comparison of the alert reporting threshold to the time-series cybersecurity rating determines a number of alerts reported for the affiliate entity; applying an alternative alert reporting threshold against the time-series cybersecurity rating to determine an alternative number of alerts reported for the affiliate entity; and updating the alert reporting threshold for the time-series cybersecurity rating to the alternative alert reporting threshold.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.

Abstract: The present invention provides a method and system and software that allow users to readily access online legal research tools, while using other applications, such as word processors. One exemplary computer-implemented system provide an add-on software framework that integrates into a host word-processing application on a client access device. The add-on software framework allows users to select from an expandable listing of one or more web applications on a web server, with each of the web application capable of controlling operation of the host word processing application. The web applications facilitate extraction and access to information from the information-retrieval services as well as secondary source reference texts and incorporation of the information in the document or in metadata associated with the document.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: Disclosed herein are computer-implemented methods and systems for forecasting security ratings for an entity. The methods and systems can include generating a plurality of simulated instantiations of a security scenario for the entity, in which the security scenario characterized by a plurality of security events associated with at least one event type. The methods and systems can further include determining a security rating for each instantiation of the plurality of instantiations; and generating a forecast cone based on the determined security ratings for the plurality of instantiations. In some examples, for each event type of the at least one event type, the methods and systems can include determining a rate, duration, and/or temporal placement of the security events associated with the event type over a forecasting period.

Abstract: A computer-implemented method is provided for comparing the security profile of a particular entity to peer entities. The method can include receiving, for a particular entity, (i) a value for at least one feature and (ii) a number of security records of one or more security risk types. The method can include determining peer entities based on the value of the features; obtaining, for each peer entity, a number of security records; and adjusting the number of peer security records based on the number of entity security records. The method can further include comparing, for one or more security risk types, the received number of security records for the particular entity to the respective adjusted number of security records for each peer entity; and comparing a security profile of the particular entity to security profiles of the population of peer entities based on the comparison for the security risk types.

Abstract: Disclosed herein are computer-implemented methods and systems for forecasting security ratings for an entity. The methods and systems can include generating a plurality of simulated instantiations of a security scenario for the entity, in which the security scenario characterized by a plurality of security events associated with at least one event type. The methods and systems can further include determining a security rating for each instantiation of the plurality of instantiations; and generating a forecast cone based on the determined security ratings for the plurality of instantiations. In some examples, for each event type of the at least one event type, the methods and systems can include determining a rate, duration, and/or temporal placement of the security events associated with the event type over a forecasting period.

Abstract: A system and method for setting alert thresholds related to cybersecurity ratings of one or more affiliate entities. An example method includes: obtaining entity data including cybersecurity event data for an affiliate entity; calculating a time-series cybersecurity rating for the affiliate entity based on the entity data; associating an alert reporting threshold with the time-series cybersecurity rating, wherein a comparison of the alert reporting threshold to the time-series cybersecurity rating determines a number of alerts reported for the affiliate entity; applying an alternative alert reporting threshold against the time-series cybersecurity rating to determine an alternative number of alerts reported for the affiliate entity; and updating the alert reporting threshold for the time-series cybersecurity rating to the alternative alert reporting threshold.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: A computer-implemented method is provided for comparing the security profile of a particular entity to peer entities. The method can include receiving, for a particular entity, (i) a value for at least one feature and (ii) a number of security records of one or more security risk types. The method can include determining peer entities based on the value of the features; obtaining, for each peer entity, a number of security records; and adjusting the number of peer security records based on the number of entity security records. The method can further include comparing, for one or more security risk types, the received number of security records for the particular entity to the respective adjusted number of security records for each peer entity; and comparing a security profile of the particular entity to security profiles of the population of peer entities based on the comparison for the security risk types.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.

Abstract: A system and method for setting alert thresholds related to cybersecurity ratings of one or more affiliate entities. An example method includes: obtaining entity data including cybersecurity event data for an affiliate entity; calculating a time-series cybersecurity rating for the affiliate entity based on the entity data; associating an alert reporting threshold with the time-series cybersecurity rating, wherein a comparison of the alert reporting threshold to the time-series cybersecurity rating determines a number of alerts reported for the affiliate entity; applying an alternative alert reporting threshold against the time-series cybersecurity rating to determine an alternative number of alerts reported for the affiliate entity; and updating the alert reporting threshold for the time-series cybersecurity rating to the alternative alert reporting threshold.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.