SYSTEMS AND METHODS FOR PROVIDING CYBERSECURITY ANALYSIS BASED ON OPERATIONAL TECHNOLOGIES AND INFORMATION TECHNOLOGIES

摘要

The disclosed technology can acquire a first set of data from a first group of data sources including a plurality of network components within an energy delivery network. A first metric indicating a likelihood that a particular network component, from the plurality of network components, is affected by cyber vulnerabilities can be generated based on the first set of data. A second set of data can be acquired from a second group of data sources including a collection of services associated with the energy delivery network. A second metric indicating a calculated impact to at least a portion of the energy delivery network when the cyber vulnerabilities affect the particular network component can be generated based on the second set of data. A third metric indicating an overall level of cybersecurity risk associated with the particular network component can be generated based on the first metric and the second metric.

主权项

1. A computer-implemented method comprising:
acquiring, by a computing system, a first set of data from a first group of data sources including a plurality of network components within an energy delivery network; generating, by the computing system, based on the first set of data, a first metric indicating a likelihood that a particular network component, from the plurality of network components, is affected by one or more cyber vulnerabilities; acquiring, by the computing system, a second set of data from a second group of data sources including a collection of services associated with the energy delivery network; generating, by the computing system, based on the second set of data, a second metric indicating a calculated impact to at least a portion of the energy delivery network when the one or more cyber vulnerabilities affect the particular network component; and generating, by the computing system, based on the first metric and the second metric, a third metric indicating an overall level of cybersecurity risk associated with the particular network component.