CA3150264A1 - SYSTEMS AND METHODS FOR MONITORING AND CORRECTING COMPUTER SYSTEM SECURITY PRACTICES - Google Patents
SYSTEMS AND METHODS FOR MONITORING AND CORRECTING COMPUTER SYSTEM SECURITY PRACTICES Download PDFInfo
- Publication number
- CA3150264A1 CA3150264A1 CA3150264A CA3150264A CA3150264A1 CA 3150264 A1 CA3150264 A1 CA 3150264A1 CA 3150264 A CA3150264 A CA 3150264A CA 3150264 A CA3150264 A CA 3150264A CA 3150264 A1 CA3150264 A1 CA 3150264A1
- Authority
- CA
- Canada
- Prior art keywords
- security policy
- procedures
- risk management
- computing
- changes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 238000012544 monitoring process Methods 0.000 title claims abstract description 10
- 238000007726 management method Methods 0.000 claims description 60
- 230000008520 organization Effects 0.000 claims description 36
- 230000004044 response Effects 0.000 claims description 15
- 230000008859 change Effects 0.000 claims description 12
- 238000012913 prioritisation Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 description 23
- 238000012545 processing Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 10
- 230000006872 improvement Effects 0.000 description 7
- 238000013070 change management Methods 0.000 description 6
- 230000009885 systemic effect Effects 0.000 description 5
- 210000003813 thumb Anatomy 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 230000002155 anti-virotic effect Effects 0.000 description 4
- 206010003549 asthenia Diseases 0.000 description 4
- 238000004891 communication Methods 0.000 description 4
- 208000016258 weakness Diseases 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 230000000875 corresponding effect Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 230000036528 appetite Effects 0.000 description 2
- 235000019789 appetite Nutrition 0.000 description 2
- 238000012550 audit Methods 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 2
- 230000002950 deficient Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 241000283923 Marmota monax Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000001627 detrimental effect Effects 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 208000015181 infectious disease Diseases 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000005067 remediation Methods 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 239000004576 sand Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 230000003442 weekly effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3466—Performance evaluation by tracing or monitoring
- G06F11/3495—Performance evaluation by tracing or monitoring for systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/84—Using snapshots, i.e. a logical point-in-time copy of the data
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Debugging And Monitoring (AREA)
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US16/573,175 US11258828B2 (en) | 2018-05-28 | 2019-09-17 | Systems and methods for monitoring and correcting computer system security practices |
| US16/573,175 | 2019-09-17 | ||
| PCT/US2020/044948 WO2021055112A1 (en) | 2019-09-17 | 2020-08-05 | Systems and methods for monitoring and correcting computer system security practices |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA3150264A1 true CA3150264A1 (en) | 2021-03-25 |
Family
ID=74884515
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA3150264A Pending CA3150264A1 (en) | 2019-09-17 | 2020-08-05 | SYSTEMS AND METHODS FOR MONITORING AND CORRECTING COMPUTER SYSTEM SECURITY PRACTICES |
Country Status (4)
| Country | Link |
|---|---|
| EP (1) | EP4032246A4 (de) |
| AU (1) | AU2020348194A1 (de) |
| CA (1) | CA3150264A1 (de) |
| WO (1) | WO2021055112A1 (de) |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6735701B1 (en) * | 1998-06-25 | 2004-05-11 | Macarthur Investments, Llc | Network policy management and effectiveness system |
| US20150033323A1 (en) * | 2003-07-01 | 2015-01-29 | Securityprofiling, Llc | Virtual patching system, method, and computer program product |
| US20130179936A1 (en) * | 2012-01-09 | 2013-07-11 | International Business Machines Corporation | Security policy management using incident analysis |
| DE102012209829A1 (de) | 2012-04-20 | 2013-10-24 | Robert Bosch Gmbh | Kraftfahrzeugbordnetz mit Teilnetzen und Generatoranordnung, Generatoranordnung und Verfahren zum Betreiben eines Bordnetzes |
| US10135874B1 (en) * | 2016-11-16 | 2018-11-20 | VCE IP Holding Company LLC | Compliance management system and method for an integrated computing system |
-
2020
- 2020-08-05 EP EP20865458.2A patent/EP4032246A4/de active Pending
- 2020-08-05 AU AU2020348194A patent/AU2020348194A1/en active Pending
- 2020-08-05 CA CA3150264A patent/CA3150264A1/en active Pending
- 2020-08-05 WO PCT/US2020/044948 patent/WO2021055112A1/en unknown
Also Published As
| Publication number | Publication date |
|---|---|
| EP4032246A4 (de) | 2023-10-18 |
| AU2020348194A1 (en) | 2022-03-31 |
| WO2021055112A1 (en) | 2021-03-25 |
| EP4032246A1 (de) | 2022-07-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11693964B2 (en) | Cyber security using one or more models trained on a normal behavior | |
| US20180343278A1 (en) | Synthetic Cyber-Risk Model for Vulnerability Determination | |
| Mu et al. | An intrusion response decision-making model based on hierarchical task network planning | |
| Onwubiko | Cyber security operations centre: Security monitoring for protecting business and supporting cyber defense strategy | |
| WO2019231826A1 (en) | Systems and methods for determining the efficacy of computer system security policies | |
| Beigh et al. | Intrusion Detection and Prevention System: Classification and Quick | |
| Dressler et al. | Operational data classes for establishing situational awareness in cyberspace | |
| Judijanto et al. | Edge of Enterprise Architecture in Addressing Cyber Security Threats and Business Risks | |
| US11979426B2 (en) | Predictive vulnerability management analytics, orchestration, automation and remediation platform for computer systems. networks and devices | |
| Bristow | A sans 2021 survey: Ot/ics cybersecurity | |
| US11258828B2 (en) | Systems and methods for monitoring and correcting computer system security practices | |
| Szabó | Cybersecurity issues in industrial control systems | |
| Crowley et al. | The Definition of SOC-cess | |
| Mitsarakis | Contemporary Cyber Threats to Critical Infrastructures: Management and Countermeasures | |
| Panguluri et al. | Cyber security: protecting water and wastewater infrastructure | |
| AU2020348194A1 (en) | Systems and methods for monitoring and correcting computer system security practices | |
| Metzger | Cyber safety in the era of cyber warfare | |
| Akheel | Vulnerability Assessment and Analysis of SCADA and Foundation Fieldbus on Industrial Control System (ICS) Networks: A Literature Revie. | |
| Bromiley | Effectively Addressing Advanced Threats | |
| Fortunato | Risk Management in ICS/SCADA Systems to Enhance Security within the Energy Sector | |
| Irfan et al. | Information Security Framework Targeting DDOS attacks in Financial Institutes | |
| Christopher | Protecting the Industrial Control System Environment: Implementing Active Cyber Defense to Aid Mitigation of Threat Intrusions | |
| Malik | Cybersecurity: Security Automation and Continous Monitoring | |
| Brewer | Protecting critical control systems | |
| US20240134990A1 (en) | Monitoring and remediation of cybersecurity risk based on calculation of cyber-risk domain scores |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request |
Effective date: 20230706 |
|
| EEER | Examination request |
Effective date: 20230706 |