CYBERSECURITY INSIDER RISK MANAGEMENT

CYBERSECURITY INSIDER RISK MANAGEMENT

Some embodiments help manage cybersecurity insider risk. An authorized user influence pillar value is based on an influence signal representing the user's actual or potential influence in a computing environment. An authorized user access pillar value is based on an access signal representing t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: SIDDIQUI, Maria, TM, Sudarson, RUVALCABA, Diego, MISHRA, Ashish, MCCANN, Robert, KALAJDJIESKI, Jovan, MIYAKE, Erin K, MITTAL, Sakshi, MIR, Talhah Munawar
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Some embodiments help manage cybersecurity insider risk. An authorized user influence pillar value is based on an influence signal representing the user's actual or potential influence in a computing environment. An authorized user access pillar value is based on an access signal representing the user's actual or potential access to resources. An impact risk value is calculated as a weighted combination of the pillar values. In response, an embodiment automatically adjusts a cybersecurity characteristic, such as a security risk score, security group membership, threat detection mechanism, or alert threshold. In some cases, impact risk is also based on a cumulative potential exfiltration anomaly access signal. In some cases, impact risk is based on one or more values which represent user public visibility, user social network influence, brand damage risk, resource mission criticality, access request response speed or success rate, or a known cybersecurity attack.