Quantum Security Model™ (QSM)

Knowing & Rating Security

Overview:

Automated methodology and toolset to quantify the security profile of an asset.

Target threat:

The current inability to effectively assess cyber defenses quantitatively.

Target customer:

Initially, insurance consumers and Fortune 500 companies for network protection. Long-term, this product will be ubiquitous.

The Quantum Security Model introduces standardization, rigor and transparency to the security evaluation of assets (systems and components). Current methodologies are too often non-standardized, incomplete, opaque and static. The QSM methodology fills this gap by providing:

  • A normalized methodology and new unit of security measure (the qsec) for analyzing and evaluating assets in a consistent manner. This allows for the security profile of and between components to be more accurately understood, measured and weighted to reflect relative importance.
  • A method to express the resultant evaluation as a quantifiable score that provides a consistent and useful metric that can be compared across common industries, companies, and asset classes.
  • A decay factor that reflects the decreased accuracy of the evaluation metric caused by the passage of time.
  • A method for authentication and authorization where resource owners are able to request and verify an asset’s security score and certification prior to granting access to other assets and networks. 
The first implementation of QSM will be an automated scan and evaluation utility that will be leveraged to provide the first home cyber insurance policies.