System and Method of Cyber Threat Intensity Determination and Application to Cyber Threat Mitigation

摘要

A security system comprising a computer, a memory, a data store comprising a plurality of consensus evaluations and a plurality of cyber threat analyst ratings, and an application stored in the memory. When executed by the computer, the application generates a cyber threat report that identifies of a cyber threat intent and a cyber threat technology, receives from a cyber threat analyst an input of a cyber threat frequency score, an input of a cyber threat likelihood score, and an input of a cyber threat capability score, and generates a cyber threat intensity based on the scores and based on a cyber threat analyst rating stored in the data store and associated with the cyber threat analyst inputting the scores, whereby the cyber threat report and the cyber threat intensity are used to select cyber risk mitigation actions to economically manage the cyber risk of an enterprise or organization.