US20220092506A1 - Methods and Systems for Determining an Optimal Portfolio of Cyber Security Related Projects - Google Patents
- Publication number
- US20220092506A1 (application number US17/540,756)
- Authority
- US
- United States
- Prior art keywords
- projects
- portfolio
- cyber security
- expected
- loss
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0637—Strategic management or analysis, e.g. setting a goal or target of an organisation; Planning actions based on goals; Analysis or evaluation of effectiveness of goals
- G06Q10/06375—Prediction of business process outcome or impact based on a proposed change
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
Description
- This application is a continuation of U.S. patent application Ser. No. 16/517,280, filed on Jul. 19, 2019. This application is herein incorporated by reference in its entirety for all purposes.
- Various objectives, features, and advantages of the disclosed subject matter can be more fully appreciated with reference to the following detailed description of the disclosed subject matter when considered in connection with the following drawings, in which like reference numerals identify like elements.
- FIG. 1 illustrates a Poisson probability distribution, according to embodiments of the present disclosure.
- FIG. 2 illustrates a log-normal distribution, according to embodiments of the present disclosure.
- FIG. 3 illustrates a scorecard that can estimate the probability of an event happening in any given month based on the expected frequency of that event, according to embodiments of the present disclosure.
- FIG. 4 illustrates an example of a matrix that can be utilized for the calculation of both portfolio redundancies and synergies for a portfolio, according to embodiments of the present disclosure.
- FIG. 5 illustrates an example computer, according to embodiments of the present disclosure.
- The drawings are not necessarily to scale, or inclusive of all elements of a system, emphasis instead generally being placed upon illustrating the concepts, structures, and techniques sought to be protected herein.
- By investing in cyber security projects, entities can reduce expected losses. Methods and Systems are disclosed herein for calculating the aggregate expected loss reduction from a portfolio of one or more cyber security related projects. Projects can include new and/or existing internal initiatives and/or market offerings. Projects can also include: tools and applications, internal initiatives, vendor solutions, frameworks, and other efforts to mitigate cyber security loss. In some embodiments, calculating the aggregate expected loss of a given portfolio of projects can compare distinct portfolios against each other in terms of Return on Investment (ROI). This approach can help management facing resource constraints to choose an optimal combination of projects from multiple projects in order to mitigate loss from cyber security events.
- Quantification of cyber loss can include techniques that combine the likelihood of a cyber event with the impact of that event should it materialize. One example of such a technique is a Loss Distribution Approach (LDA). In an LDA framework such as that discussed in aspects of the disclosure, likelihood can be referred to as frequency and impact can be referred to as severity. The loss distribution approach (LDA) can be a process that uses frequency and severity distributions, and can be used to quantify a wide variety of cyber security threats. A scorecard approach can be a framework used to help assess the frequency and severity of these threats.
- In some aspects of the disclosure, expected cyber loss can be calculated by combining frequency and severity. In addition, in some aspects, the expected loss reduction contributions of each selected project can be aggregated to a portfolio view. Furthermore, by considering the redundancies and synergies among selected projects, a more accurate portfolio level expected loss reduction can be calculated. For example, by removing project redundancies from expected loss reductions and reducing project costs through the identification of project synergies, a more accurate portfolio expected loss reduction can be estimated.
- In some aspects of the disclosure, given a specific budget constraint, we can set up an integer optimization to select a subset of cyber security projects that will maximize the expected loss reduction from cyber security threats and help identify high ROI projects.
- Loss Distribution Approach
- In some aspects of the disclosure, an LDA approach can be used by an institution to calculate expected loss from operational risk. This technique first identifies a time horizon (e.g., one year, one month, one week, one day) where losses could occur from various operational risks. These operational risks can be separated into categories of business lines (e.g., corporate finance, sales & trading, retail banking, etc.) and risk types (e.g., internal fraud, external fraud, damage to physical assets, etc.). Expected loss from operational risk can then be calculated over the specified time period for each risk type within each business line. Within each business line/risk type pair, expected loss can be calculated through the convolution of frequency and severity distributions.
- Frequency distributions can be forward looking and describe the probability that risk event(s) could happen. For example, a Poisson probability distribution can be used for frequency. The Poisson probability distribution can be a discrete probability distribution that gives the probability of a certain number of events occurring over a specified period of time. The mean and variance of the distribution can be given by one parameter, lambda (λ). Equation 1 describes how the probability of k events happening is calculated within a Poisson distribution for a given lambda.
-
- FIG. 1 illustrates a Poisson probability distribution when lambda is equal to three. For example, FIG. 1 can illustrate the probability distribution categorized by an expected three successful cyberattacks on the sales and trading arm of an international investment bank per year.
- Severity distributions can be forward looking, and can describe the loss that would be associated with a realized event categorized by the frequency distribution described above. The log-normal distribution can be used within the field of operational risk to express the range of potential losses. The mean and variance of the log-normal distribution can be mu (μ) and sigma squared (σ²), respectively. Equation (2) calculates the probability of a loss (x) being realized from a log-normal distribution with a given mean and standard deviation.
-
-
- FIG. 2 can illustrate a log-normal distribution when μ is 100 million and σ is 80 million.
- Estimation of Portfolio Losses
- The loss frequency and loss distribution can be combined to simulate the expected loss distribution. This can be called convolution. A Monte Carlo simulation can be used to estimate the aggregate distribution of losses, with K simulations. The sequence of calculations can be as follows:
- 1) For k = 1, …, K:
- a. Simulate the number of events N using a Poisson distribution
- b. Simulate the severities $X_1, \ldots, X_N$ from the severity distributions
- c. Calculate the aggregate losses $Z_s = \sum_{i=1}^{N} X_i$
- The distribution of losses can then be used to compute the mean, VaR(q), and the expected shortfall, where q is the VaR threshold (e.g., the 95th or the 99th percentile).
- The expected shortfall can be given by
- $$ES(q) = E(Z \mid Z > VaR(q)), \qquad (3)$$
- or, equivalently, the average losses above the calculated VaR.
- Techniques for Deriving Parameters for Frequency and Severity Distributions
- A challenge facing operational risk professionals is the lack of data required for the estimation of the parameters of the distributions described above. Given the idiosyncratic nature of operational risks, historical data, even if available, may not necessarily be a good predictor of future events. Accordingly, many practitioners may rely on expert judgement to arrive at the parameters of the requisite distributions. Below we describe an example of how to translate expert judgment into quantitative estimates.
- A scorecard can be a common framework used to translate expert judgement into probabilities. First, a discrete number of opportunities can be identified per given period that are subject to cyber risk loss. For example, we could assume that 10 opportunities per month are subject to a cyber event. The scorecard in FIG. 3 could be presented to experts to estimate the probability of an event happening in any given month based on the expected frequency of that event.
- Scorecards can be good for calibrating simple discrete frequency distributions such as the Poisson probability distribution where there is only one parameter to calculate (e.g., lambda). Continuous distributions (e.g., the log-normal distribution) that can require a mean and standard deviation, can use a more sophisticated approach. For example, a technique that calculates the parameters of a log-normal distribution by soliciting a cyber loss bound parameter can be used to determine lower and upper bounds. The bounds can be calculated such that the lower end of the bound and the upper end of the bound can be determined by a given percentage of the total loss curve that the two bounds would encapsulate.
- For example, an expert could be asked what loss amounts she expected 80 percent of the potential loss to fall between. If the two loss amounts are believed to be 20 million and 160 million, then the bound parameter would be 80, the lower bound would be 20 and the upper bound would be 160. These three numbers (e.g., 20, 80, and 160) can be used to parameterize a log-normal distribution.
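- For example, the mean of the log-normal distribution can be described by Equation 4:
- $$\mu_i = \frac{\log(LB_i) + \log(UB_i)}{2} \qquad (4)$$
- where $LB_i$ is the Lower z Loss Bound and $UB_i$ is the Upper z Loss Bound.
- normal distribution function so that log zz(z) = 2f(x,0,1)
- Assuming a mean of 0 and unit variance, we can obtain the following:
-
- The standard deviation can be given by the following:
- $$\sigma_i = \frac{\log(UB_i) - \log(LB_i)}{\log zz(z)} \qquad (5)$$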
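The calibration from expert bounds and the Monte Carlo convolution described above can be carried through together; the following is an added example, not code from the patent. Function names are hypothetical, the denominator of Equation (5) is assumed to be the width in standard deviations of the central z interval of a standard normal, and the inputs reuse the page's figures (bounds of 20 and 160 at 80 percent, lambda of three) as constructed sample data in millions.

```python
import math
import random
from statistics import NormalDist


def lognormal_from_bounds(lower, upper, coverage):
    """Log-space mean and standard deviation from expert loss bounds.

    Equation (4) gives the mean. For Equation (5) the denominator is
    ASSUMED to be the width, in standard deviations, of the central
    `coverage` interval of a standard normal distribution.
    """
    if not 0 < lower < upper:
        raise ValueError("bounds must satisfy 0 < lower < upper")
    if not 0 < coverage < 1:
        raise ValueError("coverage must be a fraction between 0 and 1")
    mu = (math.log(lower) + math.log(upper)) / 2
    width = 2 * NormalDist().inv_cdf((1 + coverage) / 2)
    sigma = (math.log(upper) - math.log(lower)) / width
    return mu, sigma


def poisson_draw(rng, lam):
    """Draw an event count with Knuth's method (fine for small lambda)."""
    threshold = math.exp(-lam)
    count, product = 0, rng.random()
    while product > threshold:
        count += 1
        product *= rng.random()
    return count


def simulate_losses(lam, mu, sigma, runs, seed=0):
    """Steps a-c of the page's loop: K aggregate losses Z = sum of X_i."""
    rng = random.Random(seed)
    losses = []
    for _ in range(runs):
        events = poisson_draw(rng, lam)
        losses.append(sum(rng.lognormvariate(mu, sigma) for _ in range(events)))
    return losses


def risk_measures(losses, q):
    """Mean, VaR(q) and expected shortfall ES(q) = E(Z | Z > VaR(q))."""
    if not losses or not 0 < q < 1:
        raise ValueError("need at least one loss and 0 < q < 1")
    ordered = sorted(losses)
    index = min(len(ordered) - 1, math.ceil(q * len(ordered)) - 1)
    var_q = ordered[index]
    tail = [z for z in ordered if z > var_q]
    # With no observation above VaR, fall back to VaR itself.
    es_q = sum(tail) / len(tail) if tail else var_q
    return {"mean": sum(ordered) / len(ordered), "var": var_q, "es": es_q}


if __name__ == "__main__":
    # Constructed inputs: 80% of losses between 20 and 160 (millions),
    # three expected events per year.
    mu, sigma = lognormal_from_bounds(20, 160, 0.80)
    result = risk_measures(simulate_losses(3, mu, sigma, runs=20000, seed=7), 0.95)
    print(f"mu={mu:.4f} sigma={sigma:.4f}")
    print({name: round(value, 1) for name, value in result.items()})
```

The sample mean can be checked against the closed form for a compound Poisson sum, λ·exp(μ + σ²/2), which is a quick sanity test on the number of simulations chosen.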
- Portfolio Dynamics Project
- Many cyber loss quantification approaches focus on the relationships and/or dependencies among the various cyber risks. In some aspects of the disclosure, we can model the relationships and/or dependencies among the various cyber risk mitigants.
- Attempts to quantify the benefits of investing in cyber related projects can assume that the aggregated benefits of all of the projects can be merely a sum of the individual benefits. In practice, two projects may seem attractive on their own, but because they reduce expected loss redundantly, it may not be appropriate to include both in the same portfolio. Similarly, there may be two projects that individually are not attractive, but are synergistic and together they contribute more to expected loss reduction than individually.
- By understanding the dynamics of each project within the project portfolio, a more accurate portfolio expected loss reduction can be estimated. Here we can utilize redundancy and/or synergy matrices to adjust gross expected loss reduction to arrive at net expected loss reduction.
- FIG. 4 illustrates an example of a matrix that can be utilized for the calculation of both portfolio redundancies and synergies for a portfolio considering 30 potential projects for inclusion.
- Only the lower left triangle of the matrix in FIG. 4 is necessary, as the upper triangle can be necessarily symmetric and can contain the same information. Unlike a correlation matrix, the diagonal elements are zeros (not 1s) as each project cannot be either synergistic or redundant with itself. Each pairwise element can show the percentage synergy or redundancy (e.g., as a percent of combined expected loss reduction) that would need to be added or subtracted from the inclusion of that pair in the portfolio.
- The weighted average redundancies or synergies within the portfolio can be calculated using the following formula:
-
- Here $\rho_{i,j}$ can be the full synergy or redundancy matrix, and $w_i$, $w_j$ can be the weights of the individual project costs within the portfolio of project costs to which the relevant synergy/redundancy coefficient relates.
- The calculated redundancies and synergies of the portfolio of project costs can then be used to obtain the ROI of investing in all of the cyber related projects. The ROI can be the total expected reduction in losses from cyber security threats less the cost of implementing the cyber security projects, or the return, divided by the cost of implementing the cyber security projects, or the investment. The total expected loss reduction can be the sum of all expected loss reductions less the fraction of portfolio redundancies calculated using equation (6). The cost of implementing all of the projects can be the sum of all project costs less the fraction of portfolio synergies calculated using equation (6). The resulting ROI can be:
-
- where LR can be the expected loss reduction across all projects, adjusted for redundancies, and TC can be the total cost of all projects, adjusted for synergies.
- Using equation (6) to calculate project redundancies, the expected loss reduction can be:
- $$LR = (1 - \rho_{av(red)}) \sum_{i=1}^{N} r_i, \qquad (8)$$
- where $r_i$ can be the expected loss reduction for an individual project and $\rho_{av(red)}$ can be the total portfolio redundancy coefficient.
- Equation (6) can also be used to calculate the total cost. The total cost can be:
- $$TC = (1 - \rho_{av(syn)}) \sum_{i=1}^{N} c_i, \qquad (9)$$
- where $c_i$ can be the cost of an individual project, and $\rho_{av(syn)}$ can be the total portfolio synergy coefficient.
- This ROI approach can assume that the organization that is implementing these cyber security projects has a budget that can invest in every project in the portfolio of cyber security projects. Of course, most companies have a limited budget and can only select a subset of projects. Thus, in some aspects of the disclosure, an optimization can be set up to select the optimal set of projects that will maximize the expected loss reduction.
- Portfolio Expected Loss Reduction
- Equation (6) can be explained at a more general level as follows:
- The project portfolio optimized expected loss reduction model (LR) can use the following variables as inputs:
- $$LR = F(r_i, c_i, \rho_{avr}, \rho_{avs}) \qquad (10)$$
- where:
- $r_i$ can be the expected loss reduction for an individual cyber security project
- $c_i$ can be the cost of an individual project
- $\rho_{avr}$ can be the full portfolio redundancy matrix; and
- $\rho_{avs}$ can be the full portfolio synergy matrix.
- In more generalized terms, $\rho_{avr}$ and $\rho_{avs}$ can be functions of the following:
- $$\rho_{avx} = F(w_i, w_j, \rho_{i,j}) \qquad (11)$$
- where $\rho_{i,j}$ can be the synergy or redundancy associated with each pair of cybersecurity projects i, j, and
- $x = r$ or $s$
- where:
- r can indicate a redundancy matrix and s can indicate a synergy matrix; and
- $w_i$, $w_j$ can be the weights of the individual project costs within the portfolio of project costs to which the relevant redundancy or synergy coefficient relates.
- Maximizing the Portfolio Expected Loss Reduction
- The optimization can be set up as an integer programming problem, and the optimization engine that can be used to solve the problem can be an evolutionary algorithm. The following steps describe an example set-up for the optimization:
- 1. Objective Function: Maximize the expected loss reduction, or
$$LR_{Max} = \max\left[\left(1 - \rho_{av(red)}\right) \sum_{i=1}^{N} r_i\right].$$
- 2. Decision Variables: A value of 1 can be used to select projects that contribute to maximizing the expected loss reduction; a value of 0 can be used to designate projects that will not be implemented.
- 3. Constraint: The constraint can be the budget that has been set aside to invest in cyber security projects.
- The result of the optimization can give us a subset of projects that can maximize the expected loss reduction given the budget that has been set aside for cyber security projects.
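The set-up above, worked through as an added Python example (not code from the patent): it evaluates Equations (8) and (9) for every 0/1 decision vector and keeps the feasible subset with the largest expected loss reduction. Assumptions: exhaustive enumeration is swapped in for the evolutionary algorithm, `portfolio_coefficient` is a hypothetical cost-weighted stand-in for Equation (6), the budget is checked against the total cost of Equation (9), and all project names and figures are constructed.

```python
from itertools import combinations

# Constructed sample data (not from the patent):
# name -> (expected loss reduction r_i, cost c_i), same currency units.
PROJECTS = {
    "edr_vendor_a": (400.0, 100.0),
    "edr_vendor_b": (350.0, 100.0),
    "mfa_rollout": (300.0, 100.0),
    "sso_hardening": (150.0, 50.0),
}
# Pairwise coefficients rho_{i,j} in [0, 1]; pairs not listed are 0.
REDUNDANCY = {frozenset({"edr_vendor_a", "edr_vendor_b"}): 0.8}
SYNERGY = {frozenset({"mfa_rollout", "sso_hardening"}): 0.5}


def portfolio_coefficient(selected, pairwise):
    """ASSUMED stand-in for Equation (6): sum over pairs of 2 * w_i * w_j * rho_{i,j},
    where w_i is project i's share of the selected projects' total cost."""
    total_cost = sum(PROJECTS[p][1] for p in selected)
    if total_cost == 0:
        return 0.0
    rho = 0.0
    for i, j in combinations(selected, 2):
        w_i = PROJECTS[i][1] / total_cost
        w_j = PROJECTS[j][1] / total_cost
        rho += 2.0 * w_i * w_j * pairwise.get(frozenset({i, j}), 0.0)
    return rho


def evaluate(selected):
    """Return (LR, TC) for a subset, following Equations (8) and (9)."""
    selected = tuple(selected)
    sum_r = sum(PROJECTS[p][0] for p in selected)
    sum_c = sum(PROJECTS[p][1] for p in selected)
    lr = (1.0 - portfolio_coefficient(selected, REDUNDANCY)) * sum_r
    tc = (1.0 - portfolio_coefficient(selected, SYNERGY)) * sum_c
    return lr, tc


def optimize(budget):
    """Try every 0/1 decision vector; return (best subset, LR, TC) within budget."""
    names = sorted(PROJECTS)
    best = (frozenset(), 0.0, 0.0)
    for mask in range(1 << len(names)):
        subset = [n for k, n in enumerate(names) if mask >> k & 1]
        lr, tc = evaluate(subset)
        if tc <= budget and lr > best[1]:
            best = (frozenset(subset), lr, tc)
    return best


if __name__ == "__main__":
    # The two overlapping EDR projects look best by individual r_i but lose 40% to redundancy.
    print("both EDR tools:", evaluate(["edr_vendor_a", "edr_vendor_b"]))
    print("optimum at budget 240:", optimize(240.0))
```

Enumeration is exact but grows as 2^N, so it only suits small portfolios.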
- Computer Configuration
- Methods described herein may represent processing that occurs within a system for managing a configuration of an application. The subject matter described herein can be implemented in digital electronic circuitry, or in computer software, firmware, or hardware, including the structural means disclosed in this specification and structural equivalents thereof, or in combinations of them. The subject matter described herein can be implemented as one or more computer program products, such as one or more computer programs tangibly embodied in an information carrier (e.g., in a machine readable storage device), or embodied in a propagated signal, for execution by, or to control the operation of, data processing apparatus (e.g., a programmable processor, a computer, or multiple computers). A computer program (also known as a program, software, software application, or code) can be written in any form of programming language, including compiled or interpreted languages, and it can be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment. A computer program does not necessarily correspond to a file. A program can be stored in a portion of a file that holds other programs or data, in a single file dedicated to the program in question, or in multiple coordinated files (e.g., files that store one or more modules, sub programs, or portions of code). A computer program can be deployed to be executed on one computer or on multiple computers at one site or distributed across multiple sites and interconnected by a communication network.
- The processes and logic flows described in this specification, including the method steps of the subject matter described herein, can be performed by one or more programmable processors (e.g., processor 510 in FIG. 5) executing one or more computer programs to perform functions of the subject matter described herein by operating on input data and generating output. The processes and logic flows can also be performed by, and apparatus of the subject matter described herein can be implemented as, special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application specific integrated circuit).
- FIG. 5 illustrates an example computer 505. Computer 505 can include a processor 510 suitable for the execution of a computer program, and can include, by way of example, both general and special purpose microprocessors, and any one or more processor of any kind of digital computer. A processor can receive instructions and data from a memory 530 (e.g., a read only memory or a random access memory or both). Processor 510 can execute instructions and the memory 530 can store instructions and data. A computer can include, or be operatively coupled to receive data from or transfer data to, or both, a storage medium 540 for storing data (e.g., magnetic, magneto optical disks, or optical disks). Information carriers suitable for embodying computer program instructions and data can include all forms of nonvolatile memory, including by way of example semiconductor memory devices, such as EPROM, EEPROM, flash memory device, or magnetic disks. The processor 510 and the memory 530 can be supplemented by, or incorporated in, special purpose logic circuitry.
- The computer 505 can also include an input/output 520, a display 550, and a communications interface 560.
- It is to be understood that the disclosed subject matter is not limited in its application to the details of construction and to the arrangements of the components set forth in the following description or illustrated in the drawings. The disclosed subject matter is capable of other embodiments and of being practiced and carried out in various ways. Accordingly, other implementations are within the scope of the following claims. Also, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting. As such, those skilled in the art will appreciate that the conception, upon which this disclosure is based, may readily be utilized as a basis for the designing of other structures, methods, and systems for carrying out the several purposes of the disclosed subject matter. It is important, therefore, that the claims be regarded as including such equivalent constructions insofar as they do not depart from the spirit and scope of the disclosed subject matter.
- Although the disclosed subject matter has been described and illustrated in the foregoing exemplary embodiments, it is understood that the present disclosure has been made only by way of example, and that numerous changes in the details of implementation of the disclosed subject matter may be made without departing from the spirit and scope of the disclosed subject matter.
- In addition, it should be understood that any figures which highlight the functionality and advantages are presented for example purposes only. The disclosed methodology and system are each sufficiently flexible and configurable such that they may be utilized in ways other than that shown. For example, other steps may be provided, or steps may be eliminated, from the described flows, and other components may be added to, or removed from, the described systems. In addition, the steps, components, formulas, etc. may be used in a different order or configuration than that described in the specification and/or shown in the drawings.
- Although the term “at least one” may often be used in the specification, claims and drawings, the terms “a”, “an”, “the”, “said”, etc. also signify “at least one” or “the at least one” in the specification, claims and drawings.
- Finally, it is the applicant's intent that only claims that include the express language “means for” or “step for” be interpreted under 35 U.S.C. 112(f). Claims that do not expressly include the phrase “means for” or “step for” are not to be interpreted under 35 U.S.C. 112(f).
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/540,756 US20220092506A1 (en) | 2019-07-19 | 2021-12-02 | Methods and Systems for Determining an Optimal Portfolio of Cyber Security Related Projects |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/517,280 US11232384B1 (en) | 2019-07-19 | 2019-07-19 | Methods and systems for determining cyber related projects to implement |
US17/540,756 US20220092506A1 (en) | 2019-07-19 | 2021-12-02 | Methods and Systems for Determining an Optimal Portfolio of Cyber Security Related Projects |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/517,280 Continuation US11232384B1 (en) | 2019-07-19 | 2019-07-19 | Methods and systems for determining cyber related projects to implement |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220092506A1 true US20220092506A1 (en) | 2022-03-24 |
Family
ID=79689722
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/517,280 Active US11232384B1 (en) | 2019-07-19 | 2019-07-19 | Methods and systems for determining cyber related projects to implement |
US17/540,756 Pending US20220092506A1 (en) | 2019-07-19 | 2021-12-02 | Methods and Systems for Determining an Optimal Portfolio of Cyber Security Related Projects |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/517,280 Active US11232384B1 (en) | 2019-07-19 | 2019-07-19 | Methods and systems for determining cyber related projects to implement |
Country Status (1)
Country | Link |
---|---|
US (2) | US11232384B1 (en) |
Also Published As
Publication number | Publication date |
---|---|
US11232384B1 (en) | 2022-01-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
AS | Assignment |
Owner name: THE BOSTON CONSULTING GROUP, INC., MASSACHUSETTS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ROBLES, ERNESTO;CODEN, MICHAEL;SCHAEFER, RUSSELL;SIGNING DATES FROM 20191002 TO 20191125;REEL/FRAME:058727/0642 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |