Breach Prophet
Problem Statement
Companies face a constant threat from both internal and external security attacks and incidents. Immediately assessing or predicting cyber risk to the business (products and services) is one of the major challenges for companies when securing their products and services to protect their customers.
Description
Breach Prophet aims to address critical gaps in current cybersecurity solutions, particularly the lack of an effective mechanism to map and predict risks stemming from vulnerabilities for businesses by providing a comprehensive risk hierarchy and predicting risk for business services in a more elegant manner. This approach enables business leaders and managers to assess the impact of vulnerabilities not only on systems but on the entire ecosystem, facilitating a thorough analysis of the impact on business processes.
New Insights and Knowledge
Breach Prophet targets an application that currently has very little to no solutions in the marketplace. Tying vulnerability in company assets and peripherals to direct business impacts and risks is something that is currently done very manually by security and business leaders. This will significantly help the Cybersecurity risk management community.
Broader implications are also being acknowledged and we are committed to scientific and social responsibility. Findings will be disseminated responsibly, promoting accessibility and fostering an inclusive and collaborative environment. The insights garnered, particularly from real-time predictions and comprehensive risk mapping, may serve as catalysts for further theoretical exploration and refinement.
Relevance to Key Stakeholders
- Research Community: Our work holds substantial relevance for the research community, particularly in the fields of cybersecurity, risk management, and business continuity. It introduces an innovative approach that may inspire further investigation and evolution of existing theories.
- Policymakers: Policymakers grappling with the complexities of cybersecurity and data protection will find our tool invaluable. The real-time predictions and detailed risk hierarchy provided can inform the crafting of policies aimed at enhancing organizational resilience against cyber threats.
- Decision-Making Stakeholders: Executives, Chief Information Security Officers (CISOs), and business leaders constitute vital decision-making stakeholders who stand to benefit significantly from our tool. The capacity for informed security investments to safeguard customers, products, and services aligns with their strategic imperatives, potentially influencing future decisions, practices, and organizational behaviors.
Funding
Due to significant hosting and cloud computing costs, Team Breach Prophet applied for funding to the UC Berkeley Center for Long-Term Cybersecurity (CLTC) and received a generous grant to support our efforts.
We are thankful and grateful to the CLTC for helping us with our research.