The Current Environment of Cybersecurity
The article ‘Cyber risk and cybersecurity: a systematic review of data availability‘ defined a cyber threat as “operational risks to information and technology assets that have consequences affecting the confidentiality, availability, and/or integrity of information or information systems.” Cybersecurity should be a concern for the individual, local to international buisnesses, and state/government organizations. The article does an extensive literature review and consolidates all the available open datasets concerning cyber risks up until May 2021. The prior cutoff date for literature to be reviewed was 2011 ‘due to the continuous development of cyber risks and their countermeasures.’ Another criteria point used to decide what articles and data to use in their literature review was that the article had to be published in a peer-reviewed journal and written in english. I found this rather counterproductive, as the article itself argues for more valuable data to be used in the research and development of cybersecurity. Most of the datasets used in this article were produced in the United States (58.2%), with Canada (11.3%) and Australia (5%) producing the 2nd and 3rd amount used. I am not quite sure how feasible it would be to collect and use datasets that originate from entities that are suspect to cyber-attacks but I am sure that it would help in the field of prediction and detection of attacks in cyberspace.
A recommendation from the authors of the article is to make it mandatory for entities who are victims of cyber-attacks to report these incidents as they can be used as indicators for future forecasting models. For my final project I will look further into how academically published, non-english articles and datasets can be translated and potentially used in cyber-conflict specific forecasting models. I understand that my research will also require understanding how the detection of cyber-attacks work, as previously stated, this is a subject moving at a very fast pace, and the amount of quality data that can be collected is an important factor in the prediction and detection of these attacks.