CISSM Working Paper
Publicity surrounding the threat of cyber-attacks continues to grow, yet immature classification methods for these events prevent technical staff, organizational leaders, and policy makers from engaging in meaningful and nuanced conversations about the risk to their organizations or critical infrastructure. This paper provides a taxonomy of cyber events that is used to analyze over 2,431 publicized cyber events from 2014-2016 by industrial sector. Industrial sectors vary in the scale of events they are subjected to, the distribution between exploitive and disruptive event types, and the method by which data is stolen or organizational operations are disrupted. The number, distribution, and mix of cyber event types highlight significant differences by sector, demonstrating that strategies may vary based on deeper understandings of the threat environment faced across industries.