Prioritizing security controls using a cyber digital twin simulator

Assignee

• ACCENTURE GLOBAL SOLUTIONS LIMITED · IE

Inventors

• Gal Engelberg · Pardes Hana-Karkur, IL
• Dan Klein · Neve Yaraq, IL
• Alexander Basovskiy · Hod HaSharon, IL
• Nimrod Busany · Tel Aviv-Yafo, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1433
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Implementations include a computer-implemented method for mitigating cyber security risk of an enterprise network, the method comprising: receiving an analytical attack graph (AAG) representing paths within the enterprise network with respect to at least one target asset, the AAG defining a digital twin of the enterprise network and comprising a set of rule nodes, each rule node representing an attack tactic that can be used to move along a path of the AAG; integrating the AAG with a knowledge graph comprising a set of asset nodes, each asset node representing a digital asset that can be affected by one or more of the attack tactics; determining, based on integrating the AAG with the knowledge graph, a plurality of security controls, each security control having an assigned priority value; and selectively implementing the security controls in the enterprise network based on the assigned priority values of the security controls.