US 11,818,177 B2
Methods and systems for processing cyber incidents in cyber incident management systems using dynamic processing hierarchies
Brian Brurok, Leesburg, VA (US); Mario Cotom, Arlington, VA (US); Christopher Euerle, Arlington, VA (US); Matthew Anderson, Mountain View, CA (US); Margo Chanin, Washington, DC (US); and Sean Spaniol, Fairfax, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Feb. 28, 2023, as Appl. No. 18/176,349.
Application 18/176,349 is a continuation of application No. 16/929,061, filed on Jul. 14, 2020, granted, now 11,627,162.
Prior Publication US 2023/0208885 A1, Jun. 29, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 3/0484 (2022.01); G06F 16/22 (2019.01); G06F 16/245 (2019.01)
CPC H04L 63/20 (2013.01) [G06F 3/0484 (2013.01); G06F 16/2246 (2019.01); G06F 16/245 (2019.01)]
20 Claims
 
1. A system for processing cyber incidents in cyber incident management systems using dynamic processing hierarchies, comprising:
cloud-based memory configured to:
store a first structure for a cyber incident management system, wherein the first structure defines a first hierarchy of tasks through which cyber incidents are automatically processed without user inputs; and
store a second structure for the cyber incident management system, wherein the second structure defines a second hierarchy of tasks through which cyber incidents are processed based on user inputs received in response to user queries generated for display on a user interface;
cloud-based control circuitry configured to:
receive, via a user interface, a user request to process a cyber incident through an integrated cyber incident management system, wherein the cyber incident includes an incident characteristic;
process the cyber incident through an integrated structure, wherein the integrated structure is generated by combining the first structure and the second structure, and wherein the incident characteristic is used to determine a shared structure node for transitioning from the first hierarchy of tasks to the second hierarchy of tasks;
generate for display, on the user interface, a user query comprising native data, for the cyber incident, and integration data that describes, in a human-readable format, a relationship of the native data to the integrated structure;
receive a user response, via the user interface, to the user query; and
generate, based on the user response, a revised integrated structure by combining the first structure and the second structure at a second shared structure node for transitioning from the second hierarchy of tasks to the first hierarchy of tasks at the second shared structure node.