The Center for International and Security Studies at Maryland (CISSM) recently launched its Cyber Events Database, collating open-source information on a range of publicly acknowledged cyber events affecting private and public organizations from 2014 to the present.
The new dataset complements an analytical framework developed by Dr. Charles Harry, Director of the Center for Governance of Technology and Systems (GoTech) and CISSM Director, Dr. Nancy Gallagher, to help key decisionmakers across sectors systematically categorize cyber attacks and estimate their consequences.
“Organizational leaders and policymakers cannot make strategic decisions about allocating scarce resources for cyber protection without data about which types of cyber threats are most common in their sector, and which could have the greatest negative effects on the target itself, and everyone who depends on it for goods and services," said Gallagher. "Analysts now have easy access to a free, comprehensive, open-source dataset of cyber events designed to be used with the CISSM cyber risk management framework, which should significantly improve research and decision-making in this field.”
While there are other outlets that catalog cyber events, the data is often poorly structured and inconsistently coded, making it difficult to distill larger analytic insights. To address this gap, the new dataset categorizes cyber events across a range of variables including the threat actor, threat actor country, motive, target, end effects, industry, and country of impact. A team of researchers utilize automated techniques paired with manual review and classification to acquire and structure data from a variety of open news sites, blogs, and other specialty sites that identify and discuss publicly attributed attacks.
“There exists a substantial set of information about the tactics, techniques, and processes of cyber threat actors, but there aren't any robust open datasets that systematically capture and categorize the effects these actions have on organizations around the world," added Harry. "This dataset is focused on providing researchers and organizations with information to further our understanding of what states, criminal actors, hacktivists, and others are achieving with their actions."
To commemorate the launch of the new database, CISSM and GoTech held a public event on Thursday, November 4th from 12:00 pm – 1:15 pm in the Van Munching Hall Atrium. The event featured a panel discussion with Lt. Gen. (Retired) Ed Cardon, Former Commander of Army Cyber Command; Dan Ennis, Former Director of the NSA Threat Operations Center; and Harvey Rishikof, Director of Policy and Cyber Security at the Applied Research Laboratory for Intelligence and Security (ARLIS). Dr. Harry moderated the discussion.
For more information about the Cyber Events Database, contact Dr. Charles Harry at charry@umd.edu.
You can watch the CISSM/GoTech launch event here.