DETAILED ACTION
Status of the Application
Claims 1-20 have been examined in this application. This communication is the first action on the merits. The Information Disclosure Statements (IDS) filed on July 9, 2024, August 15, 2024, and February 13, 2025 have been acknowledged.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims (claim 15, and similarly claims 1-14 & 16-20), in view of the first prong of Step 2A, recite “determining, from risk data associated with the at-risk system, a plurality of risk dimensions comprising one or more risk sub-dimensions indicating particular risk events with respective probabilities of harming the at-risk system; determining, for a first risk event within a first risk sub-dimension of the one or more risk sub-dimensions, a first severity of the first risk event and a first frequency of the first risk event occurring; determining, for a second risk event within a second risk sub-dimension of the one or more risk sub-dimensions, a second severity of the second risk event and a second frequency of the second risk event occurring; generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first size reflecting the first frequency and a first placement reflecting the first severity; and the second event indicator has a second size reflecting the second frequency and a second placement reflecting the second severity.” Further, claim 15 additionally recite “a state that reduces a risk indicated by the multidimensional risk visualization.” Claims 1-20, in view of the claim limitations, recite the abstract idea of determining a plurality of risk dimensions with probabilities of harming a system, determining a first and second severity and a first and second frequency, respectively for a first and second risk event, generating a graph of nodes representing the risk events with the size of the nodes representing frequencies of the events and placement representing severity. Additionally, claim 15-20 recite the additional abstract idea of identifying a state that reduces a risk in the graph.
As a whole, in view of the claim limitations, but for the generic computer components and systems performing the claimed functions, the broadest reasonable interpretation of the recited determining a plurality of risk dimensions with probabilities of harming a system, determining a first and second severity and a first and second frequency, respectively for a first and second risk event, generating a graph of nodes representing the risk events with the size of the nodes representing frequencies of the events and placement representing severity, and identifying a state that reduces a risk in the graph could all be reasonably interpreted as a human observing and evaluating information risk events to determine the dimensions, severity, and frequencies of risk events, a human using judgement to organize the information into a graph, a human outputting the resulting graph manually and/or with pen and paper, and a human performing an evaluation and using judgement to identify a state that reduces a risk in the graph; therefore, the claims recite a mental processes. In addition, the limitations in this claim recite a mathematical algorithm to determine numerical values in dimensions concerning risks and plot those values in a graph, which is a mathematical relationship, and thus, these claims recite a mathematical concept. Further, with respect to the dependent claims, aside from the additional elements beyond the recited abstract idea addressed below under the second prong of Step 2A and 2B, the limitations of dependent claims 2-7, 9-14, & 16-20 recite similar further abstract limitations to those discussed above that narrow the abstract idea recited in the independent claims because, aside from the generic computer components and systems performing the claimed functions, the limitations of claims recite mental processes that can be practically performed mentally by observing, evaluating, and judging information mentally and/or with a pen and paper. Accordingly, since the claims recite mental processes and mathematical concepts, the claims recite an abstract idea under the first prong of Step 2A.
This judicial exception is not integrated into a practical application under the second prong of Step 2A. In particular, the claims recite the additional elements beyond the recited abstract idea of “[a] computer-implemented method comprising” in claim 1, “[a] non-transitory computer readable medium storing instructions thereon that, when executed by a processing device, cause the processing device to perform operations comprising” in claim 8, and “[a] system comprising: a computing system comprising: one or more memory devices, and processing hardware configured to cause the system to perform operations comprising” and “an at-risk system comprising one or more hardware components, wherein the at-risk system is configured for modifying the one or more hardware components” in claim 15, “modifying the one or more hardware components of the at-risk system to the state that reduces the risk comprises updating encryption software on the one or more hardware components” in claim 18, “neural network trained” in claim 19, and “neural network” in claim 20; however, individually and when viewed as an ordered combination, and pursuant to the broadest reasonable interpretation, each of the additional elements are computing elements recited at high level of generality implementing the abstract idea on a computer (i.e. apply it), and thus, are no more than applying the abstract idea with generic computer components. Further, these elements merely generally link the abstract idea to a field of use/technological environment, namely a generic computing environment implementing a generic neural network and performing generic modification to a computer system. Moreover, aside from the aforementioned additional elements, the remaining elements of dependent claims 2-7, 9-14, & 16-20 do not integrate the abstract idea into a practical application because these claims merely recite further limitations that provide no more than simply narrowing the recited abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception under Step 2B. As noted above, the aforementioned additional elements beyond the recited abstract idea, as an order combination, are no more than mere instructions to implement the idea using generic computer components (i.e., apply it), and further, generally link the abstract idea to a field of use, which is not sufficient to amount to significantly more than an abstract idea; therefore, the additional elements are not sufficient to amount to significantly more than an abstract idea. Additionally, these recitations as an ordered combination, simply append the abstract idea to recitations of generic computer structure performing generic computer functions that are well-understood, routine, and conventional in the field as evinced by Applicant’s Specification at [0165] (describing the aspects described herein may utilize a general-purpose computer). Furthermore, as an ordered combination, these elements amount to generic computer components performing repetitive calculations, receiving or transmitting data over a network, electronic record keeping, storing and retrieving information in memory, and presenting offers, which, as held by the courts, are well-understood, routine, and conventional. See MPEP 2106.05(d); July 2015 Update, p. 7. Moreover, aside from the aforementioned additional elements, the remaining elements of dependent claims 2-7, 9-14, & 16-20 do not transform the recited abstract idea into a patent eligible invention because these claims merely recite further limitations that provide no more than simply narrowing the recited abstract idea.
Looking at these limitations as an ordered combination adds nothing additional that is sufficient to amount to significantly more than the recited abstract idea because they simply provide instructions to use a generic arrangement of generic computer components and recitations of generic computer structure that perform well-understood, routine, and conventional computer functions that are used to “apply” the recited abstract idea. Thus, the elements of the claims, considered both individually and as an ordered combination, are not sufficient to ensure that the claims as a whole amount to significantly more than the abstract idea itself. Since there are no limitations in these claims that transform the exception into a patent eligible application such that these claims amount to significantly more than the exception itself, claims 1-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 8, 10, 14, & 15 rejected under 35 U.S.C. 103 as being unpatentable over by Li, et al. (US 20120290989 A1), hereinafter Li, in view of Faile, et al. (US 20150199511 A1), hereinafter Faile.
Regarding Claim 1, Li discloses a computer-implemented method comprising ([0003]):
determining, from risk data associated with an at-risk system, a plurality of risk dimensions associated with risk events with respective probabilities of harming the at-risk system ([0017]-[0018], risks in an interactive map for managing systemic risks may be identified by one or more characteristics, including likelihood of occurrence, e.g., defined in Table 1, wherein Examiner notes, Table 1 includes a domain of each risk, e.g., the domain of Cyber Attack risk is technology, [0020], [0022], nodes representing risks are associated a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations);
determining severities and frequencies for risk events within a risk dimension from the plurality of risk dimensions ([0017]-[0018], the computer leverages pair-wise comparison in defining weights for different attributes when calculating risk scores, risks may be identified by one or more characteristics, each characteristic having a score, the characteristics of each risk may include risk likelihood, risk severity, wherein the occurrence of an event associated with a first risk may affect the likelihood of occurrence of (i.e. frequency of risk event occurrence), severity of, and/or ability to detect, an event associated with a second risk, wherein e.g., table 1 includes the domain of Cyber Attack risk is technology and the associated severity and likelihood for each risk, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations, [0027]-[0029], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood, severity, and domain);
generating a multidimensional risk visualization depicting event indicators for the risk events, wherein the event indicators have different [placement] reflecting the frequencies of the risk events and different placements reflecting the severities of the risk events ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores); and
PNG
media_image1.png
554
786
media_image1.png
Greyscale
providing the multidimensional risk visualization for display on a client device ([0013], the user interfaces may be generated and displayed by a computer).
While Li discloses all of the above, including generating a multidimensional risk visualization depicting event indicators for the risk events, wherein the event indicators have different [placement] reflecting the frequencies of the risk events and different placements reflecting the severities of the risk events (as above), and Li additionally discloses the size of each node in the above user interface can be based on a combination of two or more of the severity, likelihood of occurrence, and detectability scores ([0030]) and in another embodiment of different user interface in which nodes representing risks are displayed with different sizes based on likelihood of occurrence ([0023]), and thus, Li strongly suggests indicators of risk events having different sizes reflecting the frequencies of the risks, Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Faile.
Faile teaches generating a multidimensional risk visualization depicting event indicators for the risk events, wherein the event indicators have different sizes reflecting … the risk events and different placements ([0036], the risk aggregation module 255 determines an aggregated risk score for each time period as the sum of the event risk scores for each event occurring with a particular time period and the aggregated event risk scores may be graphically presented to a user in the form of a bubble chart, wherein the number inside each bubble represents the total number of events during a specific time period, the size of each bubble reflects the combined event risk score of all events represented by the bubble during the time period with larger bubble having a higher combined event risk score (i.e. the size reflecting the number of all events in a time period – the frequency of occurrence), and the y-axis represents the event risk score).
PNG
media_image2.png
520
554
media_image2.png
Greyscale
Li and Faile are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events with different sizes, as taught by Faile, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events with different sizes reflecting frequencies of the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Faile in order to produce the added benefit of helping businesses assess risks associated with events and providing an improved system for assessing risks. [0002].
Regarding claim 8, Li discloses a non-transitory computer readable medium storing instructions thereon that, when executed by a processing device, cause the processing device to perform operations comprising ([0014]-[0016]):
determining, from risk data associated with an at-risk system, a plurality of risk dimensions associated with risk events having respective probabilities of harming the at-risk system ([0017]-[0018], risks in an interactive map for managing systemic risks may be identified by one or more characteristics, including likelihood of occurrence, e.g., defined in Table 1, wherein Examiner notes, Table 1 includes a domain of each risk, e.g., the domain of Cyber Attack risk is technology, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations);
determining, for a first risk event within a first risk dimension from the plurality of risk dimensions, a first severity of the first risk event and a first frequency of the first risk event occurring;
determining, for a second risk event within a second risk dimension of the plurality of risk dimensions, a second severity of the second risk event and a second frequency of the second risk event occurring ([0017]-[0018], the computer leverages pair-wise comparison in defining weights for different attributes when calculating risk scores, risks may be identified by one or more characteristics, each characteristic having a score, the characteristics of each risk may include risk likelihood, risk severity, wherein the occurrence of an event associated with a first risk may affect the likelihood of occurrence of (i.e. frequency of risk event occurrence), severity of, and/or ability to detect, an event associated with a second risk, wherein e.g., table 1 includes the domain of Cyber Attack risk is technology and the domain of capacity constraint risk is people and the associated severity and likelihood for each risk, [0005], a plurality of nodes represent risks, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations, [0027]-[0028], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood and severity); and
generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first [placement] reflecting the first frequency and a first placement reflecting the first severity; and the second event indicator has a second [placement] reflecting the second frequency and a second placement reflecting the second severity ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores, [0027]-[0028], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood and severity).
PNG
media_image1.png
554
786
media_image1.png
Greyscale
While Li discloses all of the above, including generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first [placement] reflecting the first frequency and a first placement reflecting the first severity; and the second event indicator has a second [placement] reflecting the second frequency and a second placement reflecting the second severity (as above), and Li additionally discloses the size of each node in the above user interface can be based on a combination of two or more of the severity, likelihood of occurrence, and detectability scores ([0030]) and in another embodiment of different user interface in which nodes representing risks are displayed with different sizes based on likelihood of occurrence ([0023]), and thus, Li strongly suggests indicators of risk events having different sizes reflecting the frequencies of the risks, Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Faile.
Faile teaches generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first size reflecting the first … and a first placement …; and the second event indicator has a second size reflecting the second … and a second placement reflecting the second ([0036], the risk aggregation module 255 determines an aggregated risk score for each time period as the sum of the event risk scores for each event occurring with a particular time period and the aggregated event risk scores may be graphically presented to a user in the form of a bubble chart, wherein the number inside each bubble represents the total number of events during a specific time period, the size of each bubble reflects the combined event risk score of all events represented by the bubble during the time period with larger bubble having a higher combined event risk score (i.e. the size reflecting the number of all events in a time period – the frequency of occurrence), and the y-axis represents the event risk score).
PNG
media_image2.png
520
554
media_image2.png
Greyscale
Li and Faile are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events with different sizes, as taught by Faile, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events with different sizes reflecting frequencies of the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Faile in order to produce the added benefit of helping businesses assess risks associated with events and providing an improved system for assessing risks. [0002].
Regarding claim 10, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises generating the first event indicator as [more to the right] than the second event indicator to reflect that the first frequency is greater than the second frequency ([0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores, [0027]-[0028], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood and severity), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Faile.
Faile teaches wherein generating the multidimensional risk visualization comprises generating the first event indicator as larger than the second event indicator to reflect that the first frequency is greater than the second frequency ([0036], the risk aggregation module 255 determines an aggregated risk score for each time period as the sum of the event risk scores for each event occurring with a particular time period and the aggregated event risk scores may be graphically presented to a user in the form of a bubble chart, wherein the number inside each bubble represents the total number of events during a specific time period, the size of each bubble reflects the combined event risk score of all events represented by the bubble during the time period with larger bubble having a higher combined event risk score (i.e. the size reflecting the number of all events in a time period – the frequency of occurrence), and the y-axis represents the event risk score).
Li and Faile are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events with different sizes, as taught by Faile, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events with different sizes reflecting frequencies of the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Faile in order to produce the added benefit of helping businesses assess risks associated with events and providing an improved system for assessing risks. [0002].
Regarding claim 14, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, Li discloses further storing instructions that, when executed by the processing device, cause the processing device to perform operations comprising providing the multidimensional risk visualization for display on a client device ([0013], the user interfaces may be generated and displayed by a computer).
Regarding claim 15, Li discloses a system comprising ([0014]-[0016]):
a computing system comprising:
one or more memory devices, and processing hardware configured to cause the system to perform operations comprising ([0014]-[0016]):
determining, from risk data associated with the at-risk system, a plurality of risk dimensions comprising one or more risk sub-dimensions indicating particular risk events with respective probabilities of harming the at-risk system [0017]-[0018], risks in an interactive map for managing systemic risks may be identified by one or more characteristics, including likelihood of occurrence, e.g., defined in Table 1, wherein Examiner notes, Table 1 includes a domain of each risk, e.g., the domain of Cyber Attack risk is technology, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations);
determining, for a first risk event within a first risk sub-dimension of the one or more risk sub-dimensions, a first severity of the first risk event and a first frequency of the first risk event occurring;
determining, for a second risk event within a second risk sub-dimension of the one or more risk sub-dimensions, a second severity of the second risk event and a second frequency of the second risk event occurring ([0017]-[0018], the computer leverages pair-wise comparison in defining weights for different attributes when calculating risk scores, risks may be identified by one or more characteristics, each characteristic having a score, the characteristics of each risk may include risk likelihood, risk severity, wherein the occurrence of an event associated with a first risk may affect the likelihood of occurrence of (i.e. frequency of risk event occurrence), severity of, and/or ability to detect, an event associated with a second risk, wherein e.g., table 1 includes the domain of Cyber Attack risk is technology and the domain of capacity constraint risk is people and the associated severity and likelihood for each risk, [0005], a plurality of nodes represent risks, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations, [0027]-[0028], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood and severity);
generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first [placement] reflecting the first frequency and a first placement reflecting the first severity; and the second event indicator has a second [placement] reflecting the second frequency and a second placement reflecting the second severity ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores, [0027]-[0028], nodes linked Cyb node include Fin, H, M, Crit, For, Sil, B, and Gi and indicate likelihood and severity).
PNG
media_image1.png
554
786
media_image1.png
Greyscale
While Li discloses all of the above, including generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first [placement] reflecting the first frequency and a first placement reflecting the first severity; and the second event indicator has a second [placement] reflecting the second frequency and a second placement reflecting the second severity (as above), and Li additionally discloses the size of each node in the above user interface can be based on a combination of two or more of the severity, likelihood of occurrence, and detectability scores ([0030]) and in another embodiment of different user interface in which nodes representing risks are displayed with different sizes based on likelihood of occurrence ([0023]), and thus, Li strongly suggests indicators of risk events having different sizes reflecting the frequencies of the risks, Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Faile.
Faile teaches generating a multidimensional risk visualization depicting a first event indicator for the first risk event and a second event indicator for the second risk event, wherein: the first event indicator has a first size reflecting the first … and a first placement reflecting the first severity; and the second event indicator has a second size reflecting the second frequency and a second placement reflecting the second … ([0036], the risk aggregation module 255 determines an aggregated risk score for each time period as the sum of the event risk scores for each event occurring with a particular time period and the aggregated event risk scores may be graphically presented to a user in the form of a bubble chart, wherein the number inside each bubble represents the total number of events during a specific time period, the size of each bubble reflects the combined event risk score of all events represented by the bubble during the time period with larger bubble having a higher combined event risk score (i.e. the size reflecting the number of all events in a time period – the frequency of occurrence), and the y-axis represents the event risk score); and
PNG
media_image2.png
520
554
media_image2.png
Greyscale
an at-risk system comprising one or more hardware components, wherein the at-risk system is configured for modifying the one or more hardware components to a state that reduces a risk indicated by the multidimensional risk visualization ([0019], the term "event" relates to an internal business activity engaged in by an entity, e.g., an internal event may be the deployment of new software, a software or hardware upgrade, the release of a new product, an upgrade or change to an existing product, [0049], at 625, the change convergence risk management system 200 identifies a risk mitigation event associated with the risk convergence time period such the time period would not have the predefined risk level (e.g., not have a high risk level or an elevated risk level, and at block 635, the change convergence risk management system 200 provides a recommendation that the risk mitigation event occur during an identified risk mitigation time period).
Li and Faile are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events with different sizes, as taught by Faile, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events with different sizes reflecting frequencies of the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Faile in order to produce the added benefit of helping businesses assess risks associated with events and providing an improved system for assessing risks. [0002].
Claims 2-7, 9, 11-13, 16, & 17 are rejected under 35 U.S.C. 103 as being unpatentable over by Li, et al. (US 20120290989 A1), hereinafter Li, in view of Faile, et al. (US 20150199511 A1), hereinafter Faile, in further view of Hayes, et al. (US 20120253891 A1) hereinafter Hayes.
Regarding claim 2, the combined teachings of Li and Faile teach the computer-implemented method of claim 1 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises: determining a number of risk dimensions associated with the at-risk system ([0017]-[0018], risks in an interactive map for managing systemic risks may be identified by one or more characteristics, including likelihood of occurrence, e.g., defined in Table 1, wherein Examiner notes, Table 1 includes a domain of each risk, e.g., the domain of Cyber Attack risk is technology, [0020], [0022], nodes representing risks are associated with a risk domain, e.g., the possible domains are People, Process, Technology, Operations, Environment, and Regulations, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: determining a number of risk dimensions associated with the at-risk system; and generating a number of dimension lines corresponding to the number of risk dimensions, wherein dimension lines divide the multidimensional risk visualization into dimension-specific segments ([0067], fig. 7A, 7E, in the bullseye diagrams 500, 501, 502, 505, 506 the wedges 510a, 510b, 510c, 510d, 510e each represent a category having a respective label 511a-511e (i.e. dimension lines), and the concentric rings 520a-520e each represent a user-defined data attribute, in FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510 and rings 520 shown, depending on the number of categories and user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510 and five concentric rings 520, whereas FIG. 7E depicts three wedges 510 and four concentric rings 520, [0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510 (i.e. dimension lines)).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 3, the combined teachings of Li and Faile teach the computer-implemented method of claim 1 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: generating half axes to divide the multidimensional risk visualization into segments, wherein the half axes correspond to risk dimensions depicted within the multidimensional risk visualization ([0067], fig. 7A, 7E, in the bullseye diagrams 500, 501, 502, 505, 506 the wedges 510a-510e each represent a category having a respective label 511a- 511e (i.e. half axes to divide the multidimensional risk visualization into segments), and the concentric rings 520a- 520e each represent a time or other user-defined data attribute, in FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510 and rings 520 shown, depending on the number of categories and time periods or other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510 and five concentric rings 520, whereas FIG. 7E depicts three wedges 510 and four concentric rings 520); and placing an event indicator within a segment of the multidimensional risk visualization located clockwise from a half axis representing a risk dimension of a risk event represented by the event indicator ([0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510 (i.e. the data points are plotted clockwise from left edges of the wedge based on repulsive force of the edge)).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 4, the combined teachings of Li and Faile teach the computer-implemented method of claim 1 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises generating a … risk severity background comprising … delineating risk severity levels ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises generating a circular risk severity background comprising concentric circles delineating risk severity levels ([0067], fig. 7A, 7E, in the bullseye diagrams 500, 501, 502, 505, 506 the wedges 510a-510e each represent a category having a respective label 511a- 511e (i.e. half axes to divide the multidimensional risk visualization into segments), and the concentric rings 520a- 520e each represent a time or other user-defined data attribute, in FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510 and rings 520 shown, depending on the number of categories and time periods or other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510 and five concentric rings 520, whereas FIG. 7E depicts three wedges 510 and four concentric rings 520, [0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 5, the combined teachings of Li, Faile, and Hayes teach the computer-implemented method of claim 4 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization further comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Faile
Faile determining a first radius for a first event indicator by combining a first local risk radius ratio with a number of instances of a first risk event; …
determining a second radius for a second event indicator by combining a second local risk radius ratio with a number of instances of a second risk event ([0036], the risk aggregation module 255 determines an aggregated risk score for each time period as the sum of the event risk scores for each event occurring with a particular time period and the aggregated event risk scores may be graphically presented to a user in the form of a bubble chart, wherein the size of each bubble reflects the combined event risk score of all events represented by the bubble during the time period with larger bubble having a higher combined event risk score (i.e. the size reflecting the number of all events in a time period – the frequency of occurrence), and the y-axis represents the event risk score).
Li and Faile are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events with different sizes, as taught by Faile, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events with different sizes reflecting frequencies of the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Faile in order to produce the added benefit of helping businesses assess risks associated with events and providing an improved system for assessing risks. [0002].
Further, Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches placing the first event indicator having the first radius within a first concentric circle of the circular risk severity background based on to a first severity level of the first risk event; …
and placing the second event indicator having the second radius within a second concentric circle of the circular risk severity background based on to a second severity level of the second risk event ([0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510, [0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 6, the combined teachings of Li and Faile teach the computer-implemented method of claim 1 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises determining risk angles for placing sub-dimension lines within the multidimensional risk visualization based on dimension angles associated with the plurality of risk dimensions and numbers of sub-dimensions within respective risk dimensions ([0077], fig. 7E, e.g., depicts of technology topics grouped into categories such as networking technologies, collaborative technologies, [0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 7, the combined teachings of Li and Faile teach the computer-implemented method of claim 1 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: generating a recommended dimension to add as a new axis within the multidimensional risk visualization by executing a dimension recommendation algorithm for processing a risk data structure; and modifying the multidimensional risk visualization to include the new axis for the recommended dimension ([0056]-[0057], in step 432 the selected visualization is displayed, step 434 the user enters a modification, step 438 the system determines if the modification is a data modification, such as adding an individual technology point or a non-data modification, such as filtering by, e.g., weighted wedge, or a category selection, the system proceeds to step 442, where the system displays the modified visualization, wherein the modification may be removal of points, or display of an edited topic label, [0077], fig. 7E, e.g., depicts of technology topics grouped into categories such as networking technologies, collaborative technologies, [0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 9, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises: generating a risk severity background comprising a plurality of … shapes delineating risk severity levels; placing the first event indicator within a first … shape of the plurality of concentric shapes based on the first severity; and placing the second event indicator within a second … shape of the plurality of concentric shapes based on the second severity ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: generating a risk severity background comprising a plurality of concentric shapes delineating risk severity levels ([0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510); placing the first event indicator within a first concentric shape of the plurality of concentric shapes based on the first severity; and placing the second event indicator within a second concentric shape of the plurality of concentric shapes based on the second severity (([0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 11, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: determining dimension angles for the plurality of risk dimensions based on a quantity associated with the plurality of risk dimensions; and placing dimension lines within the multidimensional risk visualization according to the dimension angles to divide the multidimensional risk visualization into segments corresponding to the plurality of risk dimensions ([0077], fig. 7E, e.g., depicts of technology topics grouped into categories such as networking technologies, collaborative technologies, [0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510).
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 12, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises: determining sub-dimension angles for risk sub-dimensions based on quantities of risk sub-dimensions within each of the plurality of risk dimensions; and placing sub-dimension lines within the multidimensional risk visualization according to the sub-dimension angles ([0077], fig. 7E, e.g., depicts of technology topics grouped into categories such as networking technologies, collaborative technologies, [0067], FIG. 7E, the concentric rings 520 each represent a user-defined security threat level having a respective label on risk indicator 531, business impact level, etc., and there may be any number of wedges 510, depending on the number of categories and other user-defined data attribute selected for display, e.g., FIG. 7A depicts five wedges 510, whereas FIG. 7E depicts three wedges 510).
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claim 13, the combined teachings of Li and Faile teach the non-transitory computer readable medium of claim 8 (as above). Further, while Li discloses all of the above and wherein generating the multidimensional risk visualization comprises placing the first event indicator at a location within the multidimensional risk visualization … from a dimension line corresponding to a risk dimension associated with the first risk event ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Hayes.
Hayes teaches wherein generating the multidimensional risk visualization comprises placing the first event indicator at a location within the multidimensional risk visualization clockwise from a dimension line corresponding to a risk dimension associated with the first risk event 0070], the datapoints 540 may be automatically plotted within their respective wedges 510 and concentric rings 520 based on repulsive forces assigned to the datapoints 540, their labels 541, the edges (inner and outer) of the rings 520, and the edges of the wedge 510 (i.e. the data points are plotted clockwise from left edges of the wedge based on repulsive force of the edge)).
PNG
media_image3.png
552
454
media_image3.png
Greyscale
PNG
media_image4.png
516
428
media_image4.png
Greyscale
Li and Hayes are analogous fields of invention because both address the problem of presenting risks in a graphical user interface as circles representing risks. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate a multidimensional risk visualization depicting event indicators for the risk events, as taught by Hayes, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating a multidimensional risk visualization depicting event indicators for the risk events, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Hayes in order to produce the added benefit of reducing the expense of analyzing business data without remove employees from their job duties. [0004].
Regarding claims 16 & 17, these claims are substantially similar to claims 9 & 11, respectively, and are, therefore, rejected on the same basis. While claims 16 & 17 are directed toward a system comprising a computing system comprising memory devices and processing hardware configured to cause the system to perform operations, Mishra discloses a system as claimed. [0014]-[0016].
Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over by Li, et al. (US 20120290989 A1), hereinafter Li, in view of Faile, et al. (US 20150199511 A1), hereinafter Faile in further view of You, et al. (WO 2021093163 A1), hereinafter You.
Regarding claim 18, the combined teachings of Li and Faile teach the system of claim 15 (as above). Further, while Li discloses all of the above and one or more of the first severity or the first frequency of the first risk event ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in You.
You teaches wherein modifying the one or more hardware components of the at-risk system to the state that reduces the risk comprises updating encryption software on the one or more hardware components to reduce one or more of … the first risk event in relation to electronic messaging security (p. 32, the implementations above provide for updating various hierarchical levels of keys for enabling encrypted communication between the terminal devices and service applications via the communication network and reduce risk to security breaches, p. 2, in a method for generating an application key by an application key management network node in a communication network for encrypted data transmission via a communication network between a terminal device and a service application, an application key request is received from a service application, and the application key is transmitted to the service application, pp. 5-6, wherein service applications 140 are applications hosted by application servers that are accessible by the terminal devices 110 and 112/UE 310).
Li and You are analogous fields of invention because both address the problem of addressing risks in technological systems. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to modify hardware components of the at-risk system, as taught by You, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of modifying hardware components of the at-risk system, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of You in order to produce the added benefit of improving communication security. p. 28.
Claims 19 & 20 is rejected under 35 U.S.C. 103 as being unpatentable over by Li, et al. (US 20120290989 A1), hereinafter Li, in view of Faile, et al. (US 20150199511 A1), hereinafter Faile in further view of Bulut, et al. (US 20230177169 A1), hereinafter Bulut.
Regarding claim 19, the combined teachings of Li and Faile teach the system of claim 15 (as above). Further, while Li discloses all of the above and wherein the processing hardware are further configured to perform operations comprising … from the multidimensional risk visualization … based on risk visualizations ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Bulut.
Bulut teaches wherein the processing hardware are further configured to perform operations comprising generating a risk mitigation strategy from the multidimensional risk … by utilizing a strategy prediction neural network trained to predict risk mitigation strategies based on risk … ([0036]-[0037], mitigation machine learning model 140 can be configured as various types of ML models, including CNNs, DNNs, RNNs, trained from training dataset 142 including mitigation techniques 144 implementable on the monitored computing environment 102, [0056], [0060], a risk assessor 190 produces a risk assessment based on the combination of mappings of attack techniques produced from the mitigation machine learning model 140, and the resulting risk assessment 195 generated by the risk assessor 190 may be output to a STEM system or other downstream computing system for the performance of responsive action in the form of output a notification to a human analyst, such as via a user interface, [0025], a mitigation machine learning model is trained using a third training dataset to generate attack technique classifications, wherein the third training dataset can include mitigation techniques converted into feature vectors with corresponding classifications of attack techniques).
Li and Bulut are analogous fields of invention because both address the problem of addressing risks in technological systems. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to perform operations comprising generating a risk mitigation strategy from the multidimensional risk by utilizing a strategy prediction neural network trained to predict risk mitigation strategies, as taught by Bulut, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of performing operations comprising generating a risk mitigation strategy from the multidimensional risk visualization by utilizing a strategy prediction neural network trained to predict risk mitigation strategies based on risk visualizations, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Bulut in order to produce the added benefit of reducing risk of a vulnerable system. [0021].
Regarding claim 19, the combined teachings of Li and Faile teach the system of claim 15 (as above). Further, while Li discloses all of the above and to process pixels of the multidimensional risk visualization ([0017], [0022], computer 100 generates and/or displays one or more user interfaces that present risk assessment an interactive graphical map indicating one or more characteristics of those risks such as risk likelihood, risk severity, and risk domain or other risk category, [0029]-[0030], fig. 4, in a user interface, indicator 403 indicates that the selected Cyb node belongs to the Technology domain from, e.g., the Domain field of Table 1, and in risk landscape map 404, the nodes are distributed along perpendicular Likelihood and Severity axes of a chart, according to their associated likelihood and severity scores, and the size of each node in map 404 may be based on a combination of any two of, or all three of, the likelihood, severity, and detection scores of the associated node), Li does not expressly disclose the remaining elements of the following limitations, which however, are taught by further teachings in Bulut.
Bulut teaches wherein generating the risk mitigation strategy comprises utilizing the strategy prediction neural network to process … of the multidimensional risk … ([0036]-[0037], mitigation machine learning model 140 can be configured as various types of ML models, including CNNs, DNNs, RNNs, trained from training dataset 142 including mitigation techniques 144 implementable on the monitored computing environment 102, [0056], [0060], a risk assessor 190 produces a risk assessment based on the combination of mappings of attack techniques produced from the mitigation machine learning model 140, and the resulting risk assessment 195 generated by the risk assessor 190 may be output to a STEM system or other downstream computing system for the performance of responsive action in the form of output a notification to a human analyst, such as via a user interface, [0025], a mitigation machine learning model is trained using a third training dataset to generate attack technique classifications, wherein the third training dataset can include mitigation techniques converted into feature vectors with corresponding classifications of attack techniques).
Li and Bulut are analogous fields of invention because both address the problem of addressing risks in technological systems. At the time the invention was effectively filed, it would have been obvious to one of ordinary skill in the art to include in the system of Li the ability to generate the risk mitigation strategy comprises utilizing the strategy prediction neural network to process the multidimensional risk, as taught by Bulut, since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the combination would produce the predictable results of generating the risk mitigation strategy comprises utilizing the strategy prediction neural network to process pixels of the multidimensional risk visualizations, as claimed. Further, it would have been obvious to one of ordinary skill in the art to have modified Li with the aforementioned teachings of Bulut in order to produce the added benefit of reducing risk of a vulnerable system. [0021].
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHARLES A GUILIANO whose telephone number is (571)272-9859. The examiner can normally be reached Mon-Fri 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rutao Wu can be reached at 571-272-6045. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
CHARLES GUILIANO
Primary Examiner
Art Unit 3623
/CHARLES GUILIANO/Primary Examiner, Art Unit 3623