current research topics in information security

For enquiries call:

+1-469-442-0620

60+ Latest Cyber Security Research Topics for 2024

Home Blog Security 60+ Latest Cyber Security Research Topics for 2024

The concept of cybersecurity refers to cracking the security mechanisms that break in dynamic environments. Implementing Cyber Security Project topics and cyber security thesis topics /ideas helps overcome attacks and take mitigation approaches to security risks and threats in real-time. Undoubtedly, it focuses on events injected into the system, data, and the whole network to attack/disturb it.

The network can be attacked in various ways, including Distributed DoS, Knowledge Disruptions, Computer Viruses / Worms, and many more. Cyber-attacks are still rising, and more are waiting to harm their targeted systems and networks. Detecting Intrusions in cybersecurity has become challenging due to their Intelligence Performance. Therefore, it may negatively affect data integrity, privacy, availability, and security. 

This article aims to demonstrate the most current Cyber Security Topics for Projects and areas of research currently lacking. We will talk about cyber security research questions, cyber security research questions, cyber security topics for the project, best cyber security research topics, research titles about cyber security and web security research topics.

List of Trending Cyber Security Research Topics for 2024

Digital technology has revolutionized how all businesses, large or small, work, and even governments manage their day-to-day activities, requiring organizations, corporations, and government agencies to utilize computerized systems. To protect data against online attacks or unauthorized access, cybersecurity is a priority. There are many Cyber Security Courses online where you can learn about these topics. With the rapid development of technology comes an equally rapid shift in Cyber Security Research Topics and cybersecurity trends, as data breaches, ransomware, and hacks become almost routine news items. In 2024, these will be the top cybersecurity trends.

A) Exciting Mobile Cyber Security Research Paper Topics

• The significance of continuous user authentication on mobile gadgets. 
• The efficacy of different mobile security approaches. 
• Detecting mobile phone hacking. 
• Assessing the threat of using portable devices to access banking services. 
• Cybersecurity and mobile applications. 
• The vulnerabilities in wireless mobile data exchange. 
• The rise of mobile malware. 
• The evolution of Android malware.
• How to know you’ve been hacked on mobile. 
• The impact of mobile gadgets on cybersecurity. 

B) Top Computer and Software Security Topics to Research

• Learn algorithms for data encryption 
• Concept of risk management security 
• How to develop the best Internet security software 
• What are Encrypting Viruses- How does it work? 
• How does a Ransomware attack work? 
• Scanning of malware on your PC 
• Infiltrating a Mac OS X operating system 
• What are the effects of RSA on network security ? 
• How do encrypting viruses work?
• DDoS attacks on IoT devices 

C) Trending Information Security Research Topics

• Why should people avoid sharing their details on Facebook? 
• What is the importance of unified user profiles? 
• Discuss Cookies and Privacy  
• White hat and black hat hackers 
• What are the most secure methods for ensuring data integrity? 
• Talk about the implications of Wi-Fi hacking apps on mobile phones 
• Analyze the data breaches in 2024
• Discuss digital piracy in 2024
• critical cyber-attack concepts 
• Social engineering and its importance 

D) Current Network Security Research Topics

• Data storage centralization
• Identify Malicious activity on a computer system. 
• Firewall 
• Importance of keeping updated Software  
• wireless sensor network 
• What are the effects of ad-hoc networks  
• How can a company network be safe? 
• What are Network segmentation and its applications? 
• Discuss Data Loss Prevention systems  
• Discuss various methods for establishing secure algorithms in a network. 
• Talk about two-factor authentication

E) Best Data Security Research Topics

• Importance of backup and recovery 
• Benefits of logging for applications 
• Understand physical data security 
• Importance of Cloud Security 
• In computing, the relationship between privacy and data security 
• Talk about data leaks in mobile apps 
• Discuss the effects of a black hole on a network system. 

F) Important Application Security Research Topics

• Detect Malicious Activity on Google Play Apps 
• Dangers of XSS attacks on apps 
• Discuss SQL injection attacks. 
• Insecure Deserialization Effect 
• Check Security protocols 

G) Cybersecurity Law & Ethics Research Topics

• Strict cybersecurity laws in China 
• Importance of the Cybersecurity Information Sharing Act. 
• USA, UK, and other countries' cybersecurity laws  
• Discuss The Pipeline Security Act in the United States 

H) Recent Cyberbullying Topics

• Protecting your Online Identity and Reputation 
• Online Safety 
• Sexual Harassment and Sexual Bullying 
• Dealing with Bullying 
• Stress Center for Teens 

I) Operational Security Topics

• Identify sensitive data 
• Identify possible threats 
• Analyze security threats and vulnerabilities 
• Appraise the threat level and vulnerability risk 
• Devise a plan to mitigate the threats 

J) Cybercrime Topics for a Research Paper

• Crime Prevention. 
• Criminal Specialization. 
• Drug Courts. 
• Criminal Courts. 
• Criminal Justice Ethics. 
• Capital Punishment.
• Community Corrections. 
• Criminal Law. 

Research Area in Cyber Security

The field of cyber security is extensive and constantly evolving. Its research covers a wide range of subjects, including: 

• Quantum & Space  
• Data Privacy  
• Criminology & Law 
• AI & IoT Security

How to Choose the Best Research Topics in Cyber Security

A good cybersecurity assignment heading is a skill that not everyone has, and unfortunately, not everyone has one. You might have your teacher provide you with the topics, or you might be asked to come up with your own. If you want more research topics, you can take references from Certified Ethical Hacker Certification, where you will get more hints on new topics. If you don't know where to start, here are some tips. Follow them to create compelling cybersecurity assignment topics. 

1. Brainstorm

In order to select the most appropriate heading for your cybersecurity assignment, you first need to brainstorm ideas. What specific matter do you wish to explore? In this case, come up with relevant topics about the subject and select those relevant to your issue when you use our list of topics. You can also go to cyber security-oriented websites to get some ideas. Using any blog post on the internet can prove helpful if you intend to write a research paper on security threats in 2024. Creating a brainstorming list with all the keywords and cybersecurity concepts you wish to discuss is another great way to start. Once that's done, pick the topics you feel most comfortable handling. Keep in mind to stay away from common topics as much as possible. 

2. Understanding the Background

In order to write a cybersecurity assignment, you need to identify two or three research paper topics. Obtain the necessary resources and review them to gain background information on your heading. This will also allow you to learn new terminologies that can be used in your title to enhance it. 

3. Write a Single Topic

Make sure the subject of your cybersecurity research paper doesn't fall into either extreme. Make sure the title is neither too narrow nor too broad. Topics on either extreme will be challenging to research and write about. 

4. Be Flexible

There is no rule to say that the title you choose is permanent. It is perfectly okay to change your research paper topic along the way. For example, if you find another topic on this list to better suit your research paper, consider swapping it out. 

The Layout of Cybersecurity Research Guidance

It is undeniable that usability is one of cybersecurity's most important social issues today. Increasingly, security features have become standard components of our digital environment, which pervade our lives and require both novices and experts to use them. Supported by confidentiality, integrity, and availability concerns, security features have become essential components of our digital environment.  

In order to make security features easily accessible to a wider population, these functions need to be highly usable. This is especially true in this context because poor usability typically translates into the inadequate application of cybersecurity tools and functionality, resulting in their limited effectiveness. 

Writing Tips from Expert

Additionally, a well-planned action plan and a set of useful tools are essential for delving into Cyber Security Research Topics. Not only do these topics present a vast realm of knowledge and potential innovation, but they also have paramount importance in today's digital age. Addressing the challenges and nuances of these research areas will contribute significantly to the global cybersecurity landscape, ensuring safer digital environments for all. It's crucial to approach these topics with diligence and an open mind to uncover groundbreaking insights.

• Before you begin writing your research paper, make sure you understand the assignment. 
• Your Research Paper Should Have an Engaging Topic 
• Find reputable sources by doing a little research 
• Precisely state your thesis on cybersecurity 
• A rough outline should be developed 
• Finish your paper by writing a draft 
• Make sure that your bibliography is formatted correctly and cites your sources. 

Discover the Power of ITIL 4 Foundation - Unleash the Potential of Your Business with this Cost-Effective Solution. Boost Efficiency, Streamline Processes, and Stay Ahead of the Competition. Learn More!

Studies in the literature have identified and recommended guidelines and recommendations for addressing security usability problems to provide highly usable security. The purpose of such papers is to consolidate existing design guidelines and define an initial core list that can be used for future reference in the field of Cyber Security Research Topics.

The researcher takes advantage of the opportunity to provide an up-to-date analysis of cybersecurity usability issues and evaluation techniques applied so far. As a result of this research paper, researchers and practitioners interested in cybersecurity systems who value human and social design elements are likely to find it useful. You can find KnowledgeHut’s Cyber Security courses online and take maximum advantage of them.

Frequently Asked Questions (FAQs)

Businesses and individuals are changing how they handle cybersecurity as technology changes rapidly - from cloud-based services to new IoT devices. 

Ideally, you should have read many papers and know their structure, what information they contain, and so on if you want to write something of interest to others. 

The field of cyber security is extensive and constantly evolving. Its research covers various subjects, including Quantum & Space, Data Privacy, Criminology & Law, and AI & IoT Security. 

Inmates having the right to work, transportation of concealed weapons, rape and violence in prison, verdicts on plea agreements, rehab versus reform, and how reliable are eyewitnesses? 

Mrinal Prakash

I am a B.Tech Student who blogs about various topics on cyber security and is specialized in web application security

Avail your free 1:1 mentorship session.

Something went wrong

Upcoming Cyber Security Batches & Dates

Research Topics & Ideas: Cybersecurity

50 Topic Ideas To Kickstart Your Research

If you’re just starting out exploring cybersecurity-related topics for your dissertation, thesis or research project, you’ve come to the right place. In this post, we’ll help kickstart your research by providing a hearty list of cybersecurity-related research topics and ideas , including examples from recent studies.

PS – This is just the start…

We know it’s exciting to run through a list of research topics, but please keep in mind that this list is just a starting point . These topic ideas provided here are intentionally broad and generic , so keep in mind that you will need to develop them further. Nevertheless, they should inspire some ideas for your project.

To develop a suitable research topic, you’ll need to identify a clear and convincing research gap , and a viable plan to fill that gap. If this sounds foreign to you, check out our free research topic webinar that explores how to find and refine a high-quality research topic, from scratch. Alternatively, consider our 1-on-1 coaching service .

Cybersecurity-Related Research Topics

• Developing machine learning algorithms for early detection of cybersecurity threats.
• The use of artificial intelligence in optimizing network traffic for telecommunication companies.
• Investigating the impact of quantum computing on existing encryption methods.
• The application of blockchain technology in securing Internet of Things (IoT) devices.
• Developing efficient data mining techniques for large-scale social media analytics.
• The role of virtual reality in enhancing online education platforms.
• Investigating the effectiveness of various algorithms in reducing energy consumption in data centers.
• The impact of edge computing on the performance of mobile applications in remote areas.
• The application of computer vision techniques in automated medical diagnostics.
• Developing natural language processing tools for sentiment analysis in customer service.
• The use of augmented reality for training in high-risk industries like oil and gas.
• Investigating the challenges of integrating AI into legacy enterprise systems.
• The role of IT in managing supply chain disruptions during global crises.
• Developing adaptive cybersecurity strategies for small and medium-sized enterprises.
• The impact of 5G technology on the development of smart city solutions.
• The application of machine learning in personalized e-commerce recommendations.
• Investigating the use of cloud computing in improving government service delivery.
• The role of IT in enhancing sustainability in the manufacturing sector.
• Developing advanced algorithms for autonomous vehicle navigation.
• The application of biometrics in enhancing banking security systems.
• Investigating the ethical implications of facial recognition technology.
• The role of data analytics in optimizing healthcare delivery systems.
• Developing IoT solutions for efficient energy management in smart homes.
• The impact of mobile computing on the evolution of e-health services.
• The application of IT in disaster response and management.

Cybersecurity Research Ideas (Continued)

• Assessing the security implications of quantum computing on modern encryption methods.
• The role of artificial intelligence in detecting and preventing phishing attacks.
• Blockchain technology in secure voting systems: opportunities and challenges.
• Cybersecurity strategies for protecting smart grids from targeted attacks.
• Developing a cyber incident response framework for small to medium-sized enterprises.
• The effectiveness of behavioural biometrics in preventing identity theft.
• Securing Internet of Things (IoT) devices in healthcare: risks and solutions.
• Analysis of cyber warfare tactics and their implications on national security.
• Exploring the ethical boundaries of offensive cybersecurity measures.
• Machine learning algorithms for predicting and mitigating DDoS attacks.
• Study of cryptocurrency-related cybercrimes: patterns and prevention strategies.
• Evaluating the impact of GDPR on data breach response strategies in the EU.
• Developing enhanced security protocols for mobile banking applications.
• An examination of cyber espionage tactics and countermeasures.
• The role of human error in cybersecurity breaches: a behavioural analysis.
• Investigating the use of deep fakes in cyber fraud: detection and prevention.
• Cloud computing security: managing risks in multi-tenant environments.
• Next-generation firewalls: evaluating performance and security features.
• The impact of 5G technology on cybersecurity strategies and policies.
• Secure coding practices: reducing vulnerabilities in software development.
• Assessing the role of cyber insurance in mitigating financial losses from cyber attacks.
• Implementing zero trust architecture in corporate networks: challenges and benefits.
• Ransomware attacks on critical infrastructure: case studies and defence strategies.
• Using big data analytics for proactive cyber threat intelligence.
• Evaluating the effectiveness of cybersecurity awareness training in organisations.

Recent Cybersecurity-Related Studies

While the ideas we’ve presented above are a decent starting point for finding a research topic, they are fairly generic and non-specific. So, it helps to look at actual studies in the cybersecurity space to see how this all comes together in practice.

Below, we’ve included a selection of recent studies to help refine your thinking. These are actual studies,  so they can provide some useful insight as to what a research topic looks like in practice.

• Cyber Security Vulnerability Detection Using Natural Language Processing (Singh et al., 2022)
• Security for Cloud-Native Systems with an AI-Ops Engine (Ck et al., 2022)
• Overview of Cyber Security (Yadav, 2022)
• Exploring the Top Five Evolving Threats in Cybersecurity: An In-Depth Overview (Mijwil et al., 2023)
• Cyber Security: Strategy to Security Challenges A Review (Nistane & Sharma, 2022)
• A Review Paper on Cyber Security (K & Venkatesh, 2022)
• The Significance of Machine Learning and Deep Learning Techniques in Cybersecurity: A Comprehensive Review (Mijwil, 2023)
• Towards Artificial Intelligence-Based Cybersecurity: The Practices and ChatGPT Generated Ways to Combat Cybercrime (Mijwil et al., 2023)
• ESTABLISHING CYBERSECURITY AWARENESS OF TECHNICAL SECURITY MEASURES THROUGH A SERIOUS GAME (Harding et al., 2022)
• Efficiency Evaluation of Cyber Security Based on EBM-DEA Model (Nguyen et al., 2022)
• An Overview of the Present and Future of User Authentication (Al Kabir & Elmedany, 2022)
• Cybersecurity Enterprises Policies: A Comparative Study (Mishra et al., 2022)
• The Rise of Ransomware: A Review of Attacks, Detection Techniques, and Future Challenges (Kamil et al., 2022)
• On the scale of Cyberspace and Cybersecurity (Pathan, 2022)
• Analysis of techniques and attacking pattern in cyber security approach (Sharma et al., 2022)
• Impact of Artificial Intelligence on Information Security in Business (Alawadhi et al., 2022)
• Deployment of Artificial Intelligence with Bootstrapped Meta-Learning in Cyber Security (Sasikala & Sharma, 2022)
• Optimization of Secure Coding Practices in SDLC as Part of Cybersecurity Framework (Jakimoski et al., 2022)
• CySSS ’22: 1st International Workshop on Cybersecurity and Social Sciences (Chan-Tin & Kennison, 2022)

As you can see, these research topics are a lot more focused than the generic topic ideas we presented earlier. So, for you to develop a high-quality research topic, you’ll need to get specific and laser-focused on a specific context with specific variables of interest.  In the video below, we explore some other important things you’ll need to consider when crafting your research topic.

Get 1-On-1 Help

If you’re still unsure about how to find a quality research topic, check out our Research Topic Kickstarter service, which is the perfect starting point for developing a unique, well-justified research topic.

You Might Also Like:

Submit a Comment Cancel reply

Your email address will not be published. Required fields are marked *

Save my name, email, and website in this browser for the next time I comment.

• Print Friendly

Prototype pollution

Prototype pollution project yields another Parse Server RCE

Bug Bounty Radar

The latest programs for February 2023

All Day DevOps

AppSec engineer keynote says Log4j revealed lessons were not learned from the Equifax breach

Infosec beginner?

A rough guide to launching a career in cybersecurity

Cybersecurity conferences

A schedule of events in 2022 and beyond

Latest cybersecurity research news

Cyber risk and cybersecurity: a systematic review of data availability

• Open access
• Published: 17 February 2022
• Volume 47 , pages 698–736, ( 2022 )

Cite this article

You have full access to this open access article

• Frank Cremer 1 ,
• Barry Sheehan   ORCID: orcid.org/0000-0003-4592-7558 1 ,
• Michael Fortmann 2 ,
• Arash N. Kia 1 ,
• Martin Mullins 1 ,
• Finbarr Murphy 1 &
• Stefan Materne 2  

59k Accesses

57 Citations

32 Altmetric

Explore all metrics

Cybercrime is estimated to have cost the global economy just under USD 1 trillion in 2020, indicating an increase of more than 50% since 2018. With the average cyber insurance claim rising from USD 145,000 in 2019 to USD 359,000 in 2020, there is a growing necessity for better cyber information sources, standardised databases, mandatory reporting and public awareness. This research analyses the extant academic and industry literature on cybersecurity and cyber risk management with a particular focus on data availability. From a preliminary search resulting in 5219 cyber peer-reviewed studies, the application of the systematic methodology resulted in 79 unique datasets. We posit that the lack of available data on cyber risk poses a serious problem for stakeholders seeking to tackle this issue. In particular, we identify a lacuna in open databases that undermine collective endeavours to better manage this set of risks. The resulting data evaluation and categorisation will support cybersecurity researchers and the insurance industry in their efforts to comprehend, metricise and manage cyber risks.

Similar content being viewed by others

AI-Driven Cybersecurity: An Overview, Security Intelligence Modeling and Research Directions

Iqbal H. Sarker, Md Hasan Furhad & Raza Nowrozy

An overview of cybercrime law in South Africa

Sizwe Snail ka Mtuze & Melody Musoni

Cybersecurity data science: an overview from machine learning perspective

Iqbal H. Sarker, A. S. M. Kayes, … Alex Ng

Avoid common mistakes on your manuscript.

Introduction

Globalisation, digitalisation and smart technologies have escalated the propensity and severity of cybercrime. Whilst it is an emerging field of research and industry, the importance of robust cybersecurity defence systems has been highlighted at the corporate, national and supranational levels. The impacts of inadequate cybersecurity are estimated to have cost the global economy USD 945 billion in 2020 (Maleks Smith et al. 2020 ). Cyber vulnerabilities pose significant corporate risks, including business interruption, breach of privacy and financial losses (Sheehan et al. 2019 ). Despite the increasing relevance for the international economy, the availability of data on cyber risks remains limited. The reasons for this are many. Firstly, it is an emerging and evolving risk; therefore, historical data sources are limited (Biener et al. 2015 ). It could also be due to the fact that, in general, institutions that have been hacked do not publish the incidents (Eling and Schnell 2016 ). The lack of data poses challenges for many areas, such as research, risk management and cybersecurity (Falco et al. 2019 ). The importance of this topic is demonstrated by the announcement of the European Council in April 2021 that a centre of excellence for cybersecurity will be established to pool investments in research, technology and industrial development. The goal of this centre is to increase the security of the internet and other critical network and information systems (European Council 2021 ).

This research takes a risk management perspective, focusing on cyber risk and considering the role of cybersecurity and cyber insurance in risk mitigation and risk transfer. The study reviews the existing literature and open data sources related to cybersecurity and cyber risk. This is the first systematic review of data availability in the general context of cyber risk and cybersecurity. By identifying and critically analysing the available datasets, this paper supports the research community by aggregating, summarising and categorising all available open datasets. In addition, further information on datasets is attached to provide deeper insights and support stakeholders engaged in cyber risk control and cybersecurity. Finally, this research paper highlights the need for open access to cyber-specific data, without price or permission barriers.

The identified open data can support cyber insurers in their efforts on sustainable product development. To date, traditional risk assessment methods have been untenable for insurance companies due to the absence of historical claims data (Sheehan et al. 2021 ). These high levels of uncertainty mean that cyber insurers are more inclined to overprice cyber risk cover (Kshetri 2018 ). Combining external data with insurance portfolio data therefore seems to be essential to improve the evaluation of the risk and thus lead to risk-adjusted pricing (Bessy-Roland et al. 2021 ). This argument is also supported by the fact that some re/insurers reported that they are working to improve their cyber pricing models (e.g. by creating or purchasing databases from external providers) (EIOPA 2018 ). Figure  1 provides an overview of pricing tools and factors considered in the estimation of cyber insurance based on the findings of EIOPA ( 2018 ) and the research of Romanosky et al. ( 2019 ). The term cyber risk refers to all cyber risks and their potential impact.

An overview of the current cyber insurance informational and methodological landscape, adapted from EIOPA ( 2018 ) and Romanosky et al. ( 2019 )

Besides the advantage of risk-adjusted pricing, the availability of open datasets helps companies benchmark their internal cyber posture and cybersecurity measures. The research can also help to improve risk awareness and corporate behaviour. Many companies still underestimate their cyber risk (Leong and Chen 2020 ). For policymakers, this research offers starting points for a comprehensive recording of cyber risks. Although in many countries, companies are obliged to report data breaches to the respective supervisory authority, this information is usually not accessible to the research community. Furthermore, the economic impact of these breaches is usually unclear.

As well as the cyber risk management community, this research also supports cybersecurity stakeholders. Researchers are provided with an up-to-date, peer-reviewed literature of available datasets showing where these datasets have been used. For example, this includes datasets that have been used to evaluate the effectiveness of countermeasures in simulated cyberattacks or to test intrusion detection systems. This reduces a time-consuming search for suitable datasets and ensures a comprehensive review of those available. Through the dataset descriptions, researchers and industry stakeholders can compare and select the most suitable datasets for their purposes. In addition, it is possible to combine the datasets from one source in the context of cybersecurity or cyber risk. This supports efficient and timely progress in cyber risk research and is beneficial given the dynamic nature of cyber risks.

Cyber risks are defined as “operational risks to information and technology assets that have consequences affecting the confidentiality, availability, and/or integrity of information or information systems” (Cebula et al. 2014 ). Prominent cyber risk events include data breaches and cyberattacks (Agrafiotis et al. 2018 ). The increasing exposure and potential impact of cyber risk have been highlighted in recent industry reports (e.g. Allianz 2021 ; World Economic Forum 2020 ). Cyberattacks on critical infrastructures are ranked 5th in the World Economic Forum's Global Risk Report. Ransomware, malware and distributed denial-of-service (DDoS) are examples of the evolving modes of a cyberattack. One example is the ransomware attack on the Colonial Pipeline, which shut down the 5500 mile pipeline system that delivers 2.5 million barrels of fuel per day and critical liquid fuel infrastructure from oil refineries to states along the U.S. East Coast (Brower and McCormick 2021 ). These and other cyber incidents have led the U.S. to strengthen its cybersecurity and introduce, among other things, a public body to analyse major cyber incidents and make recommendations to prevent a recurrence (Murphey 2021a ). Another example of the scope of cyberattacks is the ransomware NotPetya in 2017. The damage amounted to USD 10 billion, as the ransomware exploited a vulnerability in the windows system, allowing it to spread independently worldwide in the network (GAO 2021 ). In the same year, the ransomware WannaCry was launched by cybercriminals. The cyberattack on Windows software took user data hostage in exchange for Bitcoin cryptocurrency (Smart 2018 ). The victims included the National Health Service in Great Britain. As a result, ambulances were redirected to other hospitals because of information technology (IT) systems failing, leaving people in need of urgent assistance waiting. It has been estimated that 19,000 cancelled treatment appointments resulted from losses of GBP 92 million (Field 2018 ). Throughout the COVID-19 pandemic, ransomware attacks increased significantly, as working from home arrangements increased vulnerability (Murphey 2021b ).

Besides cyberattacks, data breaches can also cause high costs. Under the General Data Protection Regulation (GDPR), companies are obliged to protect personal data and safeguard the data protection rights of all individuals in the EU area. The GDPR allows data protection authorities in each country to impose sanctions and fines on organisations they find in breach. “For data breaches, the maximum fine can be €20 million or 4% of global turnover, whichever is higher” (GDPR.EU 2021 ). Data breaches often involve a large amount of sensitive data that has been accessed, unauthorised, by external parties, and are therefore considered important for information security due to their far-reaching impact (Goode et al. 2017 ). A data breach is defined as a “security incident in which sensitive, protected, or confidential data are copied, transmitted, viewed, stolen, or used by an unauthorized individual” (Freeha et al. 2021 ). Depending on the amount of data, the extent of the damage caused by a data breach can be significant, with the average cost being USD 392 million Footnote 1 (IBM Security 2020 ).

This research paper reviews the existing literature and open data sources related to cybersecurity and cyber risk, focusing on the datasets used to improve academic understanding and advance the current state-of-the-art in cybersecurity. Furthermore, important information about the available datasets is presented (e.g. use cases), and a plea is made for open data and the standardisation of cyber risk data for academic comparability and replication. The remainder of the paper is structured as follows. The next section describes the related work regarding cybersecurity and cyber risks. The third section outlines the review method used in this work and the process. The fourth section details the results of the identified literature. Further discussion is presented in the penultimate section and the final section concludes.

Related work

Due to the significance of cyber risks, several literature reviews have been conducted in this field. Eling ( 2020 ) reviewed the existing academic literature on the topic of cyber risk and cyber insurance from an economic perspective. A total of 217 papers with the term ‘cyber risk’ were identified and classified in different categories. As a result, open research questions are identified, showing that research on cyber risks is still in its infancy because of their dynamic and emerging nature. Furthermore, the author highlights that particular focus should be placed on the exchange of information between public and private actors. An improved information flow could help to measure the risk more accurately and thus make cyber risks more insurable and help risk managers to determine the right level of cyber risk for their company. In the context of cyber insurance data, Romanosky et al. ( 2019 ) analysed the underwriting process for cyber insurance and revealed how cyber insurers understand and assess cyber risks. For this research, they examined 235 American cyber insurance policies that were publicly available and looked at three components (coverage, application questionnaires and pricing). The authors state in their findings that many of the insurers used very simple, flat-rate pricing (based on a single calculation of expected loss), while others used more parameters such as the asset value of the company (or company revenue) or standard insurance metrics (e.g. deductible, limits), and the industry in the calculation. This is in keeping with Eling ( 2020 ), who states that an increased amount of data could help to make cyber risk more accurately measured and thus more insurable. Similar research on cyber insurance and data was conducted by Nurse et al. ( 2020 ). The authors examined cyber insurance practitioners' perceptions and the challenges they face in collecting and using data. In addition, gaps were identified during the research where further data is needed. The authors concluded that cyber insurance is still in its infancy, and there are still several unanswered questions (for example, cyber valuation, risk calculation and recovery). They also pointed out that a better understanding of data collection and use in cyber insurance would be invaluable for future research and practice. Bessy-Roland et al. ( 2021 ) come to a similar conclusion. They proposed a multivariate Hawkes framework to model and predict the frequency of cyberattacks. They used a public dataset with characteristics of data breaches affecting the U.S. industry. In the conclusion, the authors make the argument that an insurer has a better knowledge of cyber losses, but that it is based on a small dataset and therefore combination with external data sources seems essential to improve the assessment of cyber risks.

Several systematic reviews have been published in the area of cybersecurity (Kruse et al. 2017 ; Lee et al. 2020 ; Loukas et al. 2013 ; Ulven and Wangen 2021 ). In these papers, the authors concentrated on a specific area or sector in the context of cybersecurity. This paper adds to this extant literature by focusing on data availability and its importance to risk management and insurance stakeholders. With a priority on healthcare and cybersecurity, Kruse et al. ( 2017 ) conducted a systematic literature review. The authors identified 472 articles with the keywords ‘cybersecurity and healthcare’ or ‘ransomware’ in the databases Cumulative Index of Nursing and Allied Health Literature, PubMed and Proquest. Articles were eligible for this review if they satisfied three criteria: (1) they were published between 2006 and 2016, (2) the full-text version of the article was available, and (3) the publication is a peer-reviewed or scholarly journal. The authors found that technological development and federal policies (in the U.S.) are the main factors exposing the health sector to cyber risks. Loukas et al. ( 2013 ) conducted a review with a focus on cyber risks and cybersecurity in emergency management. The authors provided an overview of cyber risks in communication, sensor, information management and vehicle technologies used in emergency management and showed areas for which there is still no solution in the literature. Similarly, Ulven and Wangen ( 2021 ) reviewed the literature on cybersecurity risks in higher education institutions. For the literature review, the authors used the keywords ‘cyber’, ‘information threats’ or ‘vulnerability’ in connection with the terms ‘higher education, ‘university’ or ‘academia’. A similar literature review with a focus on Internet of Things (IoT) cybersecurity was conducted by Lee et al. ( 2020 ). The review revealed that qualitative approaches focus on high-level frameworks, and quantitative approaches to cybersecurity risk management focus on risk assessment and quantification of cyberattacks and impacts. In addition, the findings presented a four-step IoT cyber risk management framework that identifies, quantifies and prioritises cyber risks.

Datasets are an essential part of cybersecurity research, underlined by the following works. Ilhan Firat et al. ( 2021 ) examined various cybersecurity datasets in detail. The study was motivated by the fact that with the proliferation of the internet and smart technologies, the mode of cyberattacks is also evolving. However, in order to prevent such attacks, they must first be detected; the dissemination and further development of cybersecurity datasets is therefore critical. In their work, the authors observed studies of datasets used in intrusion detection systems. Khraisat et al. ( 2019 ) also identified a need for new datasets in the context of cybersecurity. The researchers presented a taxonomy of current intrusion detection systems, a comprehensive review of notable recent work, and an overview of the datasets commonly used for assessment purposes. In their conclusion, the authors noted that new datasets are needed because most machine-learning techniques are trained and evaluated on the knowledge of old datasets. These datasets do not contain new and comprehensive information and are partly derived from datasets from 1999. The authors noted that the core of this issue is the availability of new public datasets as well as their quality. The availability of data, how it is used, created and shared was also investigated by Zheng et al. ( 2018 ). The researchers analysed 965 cybersecurity research papers published between 2012 and 2016. They created a taxonomy of the types of data that are created and shared and then analysed the data collected via datasets. The researchers concluded that while datasets are recognised as valuable for cybersecurity research, the proportion of publicly available datasets is limited.

The main contributions of this review and what differentiates it from previous studies can be summarised as follows. First, as far as we can tell, it is the first work to summarise all available datasets on cyber risk and cybersecurity in the context of a systematic review and present them to the scientific community and cyber insurance and cybersecurity stakeholders. Second, we investigated, analysed, and made available the datasets to support efficient and timely progress in cyber risk research. And third, we enable comparability of datasets so that the appropriate dataset can be selected depending on the research area.

Methodology

Process and eligibility criteria.

The structure of this systematic review is inspired by the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) framework (Page et al. 2021 ), and the search was conducted from 3 to 10 May 2021. Due to the continuous development of cyber risks and their countermeasures, only articles published in the last 10 years were considered. In addition, only articles published in peer-reviewed journals written in English were included. As a final criterion, only articles that make use of one or more cybersecurity or cyber risk datasets met the inclusion criteria. Specifically, these studies presented new or existing datasets, used them for methods, or used them to verify new results, as well as analysed them in an economic context and pointed out their effects. The criterion was fulfilled if it was clearly stated in the abstract that one or more datasets were used. A detailed explanation of this selection criterion can be found in the ‘Study selection’ section.

Information sources

In order to cover a complete spectrum of literature, various databases were queried to collect relevant literature on the topic of cybersecurity and cyber risks. Due to the spread of related articles across multiple databases, the literature search was limited to the following four databases for simplicity: IEEE Xplore, Scopus, SpringerLink and Web of Science. This is similar to other literature reviews addressing cyber risks or cybersecurity, including Sardi et al. ( 2021 ), Franke and Brynielsson ( 2014 ), Lagerström (2019), Eling and Schnell ( 2016 ) and Eling ( 2020 ). In this paper, all databases used in the aforementioned works were considered. However, only two studies also used all the databases listed. The IEEE Xplore database contains electrical engineering, computer science, and electronics work from over 200 journals and three million conference papers (IEEE 2021 ). Scopus includes 23,400 peer-reviewed journals from more than 5000 international publishers in the areas of science, engineering, medicine, social sciences and humanities (Scopus 2021 ). SpringerLink contains 3742 journals and indexes over 10 million scientific documents (SpringerLink 2021 ). Finally, Web of Science indexes over 9200 journals in different scientific disciplines (Science 2021 ).

A search string was created and applied to all databases. To make the search efficient and reproducible, the following search string with Boolean operator was used in all databases: cybersecurity OR cyber risk AND dataset OR database. To ensure uniformity of the search across all databases, some adjustments had to be made for the respective search engines. In Scopus, for example, the Advanced Search was used, and the field code ‘Title-ABS-KEY’ was integrated into the search string. For IEEE Xplore, the search was carried out with the Search String in the Command Search and ‘All Metadata’. In the Web of Science database, the Advanced Search was used. The special feature of this search was that it had to be carried out in individual steps. The first search was carried out with the terms cybersecurity OR cyber risk with the field tag Topic (T.S. =) and the second search with dataset OR database. Subsequently, these searches were combined, which then delivered the searched articles for review. For SpringerLink, the search string was used in the Advanced Search under the category ‘Find the resources with all of the words’. After conducting this search string, 5219 studies could be found. According to the eligibility criteria (period, language and only scientific journals), 1581 studies were identified in the databases:

Scopus: 135

Springer Link: 548

Web of Science: 534

An overview of the process is given in Fig.  2 . Combined with the results from the four databases, 854 articles without duplicates were identified.

Literature search process and categorisation of the studies

Study selection

In the final step of the selection process, the articles were screened for relevance. Due to a large number of results, the abstracts were analysed in the first step of the process. The aim was to determine whether the article was relevant for the systematic review. An article fulfilled the criterion if it was recognisable in the abstract that it had made a contribution to datasets or databases with regard to cyber risks or cybersecurity. Specifically, the criterion was considered to be met if the abstract used datasets that address the causes or impacts of cyber risks, and measures in the area of cybersecurity. In this process, the number of articles was reduced to 288. The articles were then read in their entirety, and an expert panel of six people decided whether they should be used. This led to a final number of 255 articles. The years in which the articles were published and the exact number can be seen in Fig.  3 .

Distribution of studies

Data collection process and synthesis of the results

For the data collection process, various data were extracted from the studies, including the names of the respective creators, the name of the dataset or database and the corresponding reference. It was also determined where the data came from. In the context of accessibility, it was determined whether access is free, controlled, available for purchase or not available. It was also determined when the datasets were created and the time period referenced. The application type and domain characteristics of the datasets were identified.

This section analyses the results of the systematic literature review. The previously identified studies are divided into three categories: datasets on the causes of cyber risks, datasets on the effects of cyber risks and datasets on cybersecurity. The classification is based on the intended use of the studies. This system of classification makes it easier for stakeholders to find the appropriate datasets. The categories are evaluated individually. Although complete information is available for a large proportion of datasets, this is not true for all of them. Accordingly, the abbreviation N/A has been inserted in the respective characters to indicate that this information could not be determined by the time of submission. The term ‘use cases in the literature’ in the following and supplementary tables refers to the application areas in which the corresponding datasets were used in the literature. The areas listed there refer to the topic area on which the researchers conducted their research. Since some datasets were used interdisciplinarily, the listed use cases in the literature are correspondingly longer. Before discussing each category in the next sections, Fig.  4 provides an overview of the number of datasets found and their year of creation. Figure  5 then shows the relationship between studies and datasets in the period under consideration. Figure  6 shows the distribution of studies, their use of datasets and their creation date. The number of datasets used is higher than the number of studies because the studies often used several datasets (Table 1 ).

Distribution of dataset results

Correlation between the studies and the datasets

Distribution of studies and their use of datasets

Most of the datasets are generated in the U.S. (up to 58.2%). Canada and Australia rank next, with 11.3% and 5% of all the reviewed datasets, respectively.

Additionally, to create value for the datasets for the cyber insurance industry, an assessment of the applicability of each dataset has been provided for cyber insurers. This ‘Use Case Assessment’ includes the use of the data in the context of different analyses, calculation of cyber insurance premiums, and use of the information for the design of cyber insurance contracts or for additional customer services. To reasonably account for the transition of direct hyperlinks in the future, references were directed to the main websites for longevity (nearest resource point). In addition, the links to the main pages contain further information on the datasets and different versions related to the operating systems. The references were chosen in such a way that practitioners get the best overview of the respective datasets.

Case datasets

This section presents selected articles that use the datasets to analyse the causes of cyber risks. The datasets help identify emerging trends and allow pattern discovery in cyber risks. This information gives cybersecurity experts and cyber insurers the data to make better predictions and take appropriate action. For example, if certain vulnerabilities are not adequately protected, cyber insurers will demand a risk surcharge leading to an improvement in the risk-adjusted premium. Due to the capricious nature of cyber risks, existing data must be supplemented with new data sources (for example, new events, new methods or security vulnerabilities) to determine prevailing cyber exposure. The datasets of cyber risk causes could be combined with existing portfolio data from cyber insurers and integrated into existing pricing tools and factors to improve the valuation of cyber risks.

A portion of these datasets consists of several taxonomies and classifications of cyber risks. Aassal et al. ( 2020 ) propose a new taxonomy of phishing characteristics based on the interpretation and purpose of each characteristic. In comparison, Hindy et al. ( 2020 ) presented a taxonomy of network threats and the impact of current datasets on intrusion detection systems. A similar taxonomy was suggested by Kiwia et al. ( 2018 ). The authors presented a cyber kill chain-based taxonomy of banking Trojans features. The taxonomy built on a real-world dataset of 127 banking Trojans collected from December 2014 to January 2016 by a major U.K.-based financial organisation.

In the context of classification, Aamir et al. ( 2021 ) showed the benefits of machine learning for classifying port scans and DDoS attacks in a mixture of normal and attack traffic. Guo et al. ( 2020 ) presented a new method to improve malware classification based on entropy sequence features. The evaluation of this new method was conducted on different malware datasets.

To reconstruct attack scenarios and draw conclusions based on the evidence in the alert stream, Barzegar and Shajari ( 2018 ) use the DARPA2000 and MACCDC 2012 dataset for their research. Giudici and Raffinetti ( 2020 ) proposed a rank-based statistical model aimed at predicting the severity levels of cyber risk. The model used cyber risk data from the University of Milan. In contrast to the previous datasets, Skrjanc et al. ( 2018 ) used the older dataset KDD99 to monitor large-scale cyberattacks using a cauchy clustering method.

Amin et al. ( 2021 ) used a cyberattack dataset from the Canadian Institute for Cybersecurity to identify spatial clusters of countries with high rates of cyberattacks. In the context of cybercrime, Junger et al. ( 2020 ) examined crime scripts, key characteristics of the target company and the relationship between criminal effort and financial benefit. For their study, the authors analysed 300 cases of fraudulent activities against Dutch companies. With a similar focus on cybercrime, Mireles et al. ( 2019 ) proposed a metric framework to measure the effectiveness of the dynamic evolution of cyberattacks and defensive measures. To validate its usefulness, they used the DEFCON dataset.

Due to the rapidly changing nature of cyber risks, it is often impossible to obtain all information on them. Kim and Kim ( 2019 ) proposed an automated dataset generation system called CTIMiner that collects threat data from publicly available security reports and malware repositories. They released a dataset to the public containing about 640,000 records from 612 security reports published between January 2008 and 2019. A similar approach is proposed by Kim et al. ( 2020 ), using a named entity recognition system to extract core information from cyber threat reports automatically. They created a 498,000-tag dataset during their research (Ulven and Wangen 2021 ).

Within the framework of vulnerabilities and cybersecurity issues, Ulven and Wangen ( 2021 ) proposed an overview of mission-critical assets and everyday threat events, suggested a generic threat model, and summarised common cybersecurity vulnerabilities. With a focus on hospitality, Chen and Fiscus ( 2018 ) proposed several issues related to cybersecurity in this sector. They analysed 76 security incidents from the Privacy Rights Clearinghouse database. Supplementary Table 1 lists all findings that belong to the cyber causes dataset.

Impact datasets

This section outlines selected findings of the cyber impact dataset. For cyber insurers, these datasets can form an important basis for information, as they can be used to calculate cyber insurance premiums, evaluate specific cyber risks, formulate inclusions and exclusions in cyber wordings, and re-evaluate as well as supplement the data collected so far on cyber risks. For example, information on financial losses can help to better assess the loss potential of cyber risks. Furthermore, the datasets can provide insight into the frequency of occurrence of these cyber risks. The new datasets can be used to close any data gaps that were previously based on very approximate estimates or to find new results.

Eight studies addressed the costs of data breaches. For instance, Eling and Jung ( 2018 ) reviewed 3327 data breach events from 2005 to 2016 and identified an asymmetric dependence of monthly losses by breach type and industry. The authors used datasets from the Privacy Rights Clearinghouse for analysis. The Privacy Rights Clearinghouse datasets and the Breach level index database were also used by De Giovanni et al. ( 2020 ) to describe relationships between data breaches and bitcoin-related variables using the cointegration methodology. The data were obtained from the Department of Health and Human Services of healthcare facilities reporting data breaches and a national database of technical and organisational infrastructure information. Also in the context of data breaches, Algarni et al. ( 2021 ) developed a comprehensive, formal model that estimates the two components of security risks: breach cost and the likelihood of a data breach within 12 months. For their survey, the authors used two industrial reports from the Ponemon institute and VERIZON. To illustrate the scope of data breaches, Neto et al. ( 2021 ) identified 430 major data breach incidents among more than 10,000 incidents. The database created is available and covers the period 2018 to 2019.

With a direct focus on insurance, Biener et al. ( 2015 ) analysed 994 cyber loss cases from an operational risk database and investigated the insurability of cyber risks based on predefined criteria. For their study, they used data from the company SAS OpRisk Global Data. Similarly, Eling and Wirfs ( 2019 ) looked at a wide range of cyber risk events and actual cost data using the same database. They identified cyber losses and analysed them using methods from statistics and actuarial science. Using a similar reference, Farkas et al. ( 2021 ) proposed a method for analysing cyber claims based on regression trees to identify criteria for classifying and evaluating claims. Similar to Chen and Fiscus ( 2018 ), the dataset used was the Privacy Rights Clearinghouse database. Within the framework of reinsurance, Moro ( 2020 ) analysed cyber index-based information technology activity to see if index-parametric reinsurance coverage could suggest its cedant using data from a Symantec dataset.

Paté-Cornell et al. ( 2018 ) presented a general probabilistic risk analysis framework for cybersecurity in an organisation to be specified. The results are distributions of losses to cyberattacks, with and without considered countermeasures in support of risk management decisions based both on past data and anticipated incidents. The data used were from The Common Vulnerability and Exposures database and via confidential access to a database of cyberattacks on a large, U.S.-based organisation. A different conceptual framework for cyber risk classification and assessment was proposed by Sheehan et al. ( 2021 ). This framework showed the importance of proactive and reactive barriers in reducing companies’ exposure to cyber risk and quantifying the risk. Another approach to cyber risk assessment and mitigation was proposed by Mukhopadhyay et al. ( 2019 ). They estimated the probability of an attack using generalised linear models, predicted the security technology required to reduce the probability of cyberattacks, and used gamma and exponential distributions to best approximate the average loss data for each malicious attack. They also calculated the expected loss due to cyberattacks, calculated the net premium that would need to be charged by a cyber insurer, and suggested cyber insurance as a strategy to minimise losses. They used the CSI-FBI survey (1997–2010) to conduct their research.

In order to highlight the lack of data on cyber risks, Eling ( 2020 ) conducted a literature review in the areas of cyber risk and cyber insurance. Available information on the frequency, severity, and dependency structure of cyber risks was filtered out. In addition, open questions for future cyber risk research were set up. Another example of data collection on the impact of cyberattacks is provided by Sornette et al. ( 2013 ), who use a database of newspaper articles, press reports and other media to provide a predictive method to identify triggering events and potential accident scenarios and estimate their severity and frequency. A similar approach to data collection was used by Arcuri et al. ( 2020 ) to gather an original sample of global cyberattacks from newspaper reports sourced from the LexisNexis database. This collection is also used and applied to the fields of dynamic communication and cyber risk perception by Fang et al. ( 2021 ). To create a dataset of cyber incidents and disputes, Valeriano and Maness ( 2014 ) collected information on cyber interactions between rival states.

To assess trends and the scale of economic cybercrime, Levi ( 2017 ) examined datasets from different countries and their impact on crime policy. Pooser et al. ( 2018 ) investigated the trend in cyber risk identification from 2006 to 2015 and company characteristics related to cyber risk perception. The authors used a dataset of various reports from cyber insurers for their study. Walker-Roberts et al. ( 2020 ) investigated the spectrum of risk of a cybersecurity incident taking place in the cyber-physical-enabled world using the VERIS Community Database. The datasets of impacts identified are presented below. Due to overlap, some may also appear in the causes dataset (Supplementary Table 2).

Cybersecurity datasets

General intrusion detection.

General intrusion detection systems account for the largest share of countermeasure datasets. For companies or researchers focused on cybersecurity, the datasets can be used to test their own countermeasures or obtain information about potential vulnerabilities. For example, Al-Omari et al. ( 2021 ) proposed an intelligent intrusion detection model for predicting and detecting attacks in cyberspace, which was applied to dataset UNSW-NB 15. A similar approach was taken by Choras and Kozik ( 2015 ), who used machine learning to detect cyberattacks on web applications. To evaluate their method, they used the HTTP dataset CSIC 2010. For the identification of unknown attacks on web servers, Kamarudin et al. ( 2017 ) proposed an anomaly-based intrusion detection system using an ensemble classification approach. Ganeshan and Rodrigues ( 2020 ) showed an intrusion detection system approach, which clusters the database into several groups and detects the presence of intrusion in the clusters. In comparison, AlKadi et al. ( 2019 ) used a localisation-based model to discover abnormal patterns in network traffic. Hybrid models have been recommended by Bhattacharya et al. ( 2020 ) and Agrawal et al. ( 2019 ); the former is a machine-learning model based on principal component analysis for the classification of intrusion detection system datasets, while the latter is a hybrid ensemble intrusion detection system for anomaly detection using different datasets to detect patterns in network traffic that deviate from normal behaviour.

Agarwal et al. ( 2021 ) used three different machine learning algorithms in their research to find the most suitable for efficiently identifying patterns of suspicious network activity. The UNSW-NB15 dataset was used for this purpose. Kasongo and Sun ( 2020 ), Feed-Forward Deep Neural Network (FFDNN), Keshk et al. ( 2021 ), the privacy-preserving anomaly detection framework, and others also use the UNSW-NB 15 dataset as part of intrusion detection systems. The same dataset and others were used by Binbusayyis and Vaiyapuri ( 2019 ) to identify and compare key features for cyber intrusion detection. Atefinia and Ahmadi ( 2021 ) proposed a deep neural network model to reduce the false positive rate of an anomaly-based intrusion detection system. Fossaceca et al. ( 2015 ) focused in their research on the development of a framework that combined the outputs of multiple learners in order to improve the efficacy of network intrusion, and Gauthama Raman et al. ( 2020 ) presented a search algorithm based on Support Vector machine to improve the performance of the detection and false alarm rate to improve intrusion detection techniques. Ahmad and Alsemmeari ( 2020 ) targeted extreme learning machine techniques due to their good capabilities in classification problems and handling huge data. They used the NSL-KDD dataset as a benchmark.

With reference to prediction, Bakdash et al. ( 2018 ) used datasets from the U.S. Department of Defence to predict cyberattacks by malware. This dataset consists of weekly counts of cyber events over approximately seven years. Another prediction method was presented by Fan et al. ( 2018 ), which showed an improved integrated cybersecurity prediction method based on spatial-time analysis. Also, with reference to prediction, Ashtiani and Azgomi ( 2014 ) proposed a framework for the distributed simulation of cyberattacks based on high-level architecture. Kirubavathi and Anitha ( 2016 ) recommended an approach to detect botnets, irrespective of their structures, based on network traffic flow behaviour analysis and machine-learning techniques. Dwivedi et al. ( 2021 ) introduced a multi-parallel adaptive technique to utilise an adaption mechanism in the group of swarms for network intrusion detection. AlEroud and Karabatis ( 2018 ) presented an approach that used contextual information to automatically identify and query possible semantic links between different types of suspicious activities extracted from network flows.

Intrusion detection systems with a focus on IoT

In addition to general intrusion detection systems, a proportion of studies focused on IoT. Habib et al. ( 2020 ) presented an approach for converting traditional intrusion detection systems into smart intrusion detection systems for IoT networks. To enhance the process of diagnostic detection of possible vulnerabilities with an IoT system, Georgescu et al. ( 2019 ) introduced a method that uses a named entity recognition-based solution. With regard to IoT in the smart home sector, Heartfield et al. ( 2021 ) presented a detection system that is able to autonomously adjust the decision function of its underlying anomaly classification models to a smart home’s changing condition. Another intrusion detection system was suggested by Keserwani et al. ( 2021 ), which combined Grey Wolf Optimization and Particle Swam Optimization to identify various attacks for IoT networks. They used the KDD Cup 99, NSL-KDD and CICIDS-2017 to evaluate their model. Abu Al-Haija and Zein-Sabatto ( 2020 ) provide a comprehensive development of a new intelligent and autonomous deep-learning-based detection and classification system for cyberattacks in IoT communication networks that leverage the power of convolutional neural networks, abbreviated as IoT-IDCS-CNN (IoT-based Intrusion Detection and Classification System using Convolutional Neural Network). To evaluate the development, the authors used the NSL-KDD dataset. Biswas and Roy ( 2021 ) recommended a model that identifies malicious botnet traffic using novel deep-learning approaches like artificial neural networks gutted recurrent units and long- or short-term memory models. They tested their model with the Bot-IoT dataset.

With a more forensic background, Koroniotis et al. ( 2020 ) submitted a network forensic framework, which described the digital investigation phases for identifying and tracing attack behaviours in IoT networks. The suggested work was evaluated with the Bot-IoT and UINSW-NB15 datasets. With a focus on big data and IoT, Chhabra et al. ( 2020 ) presented a cyber forensic framework for big data analytics in an IoT environment using machine learning. Furthermore, the authors mentioned different publicly available datasets for machine-learning models.

A stronger focus on a mobile phones was exhibited by Alazab et al. ( 2020 ), which presented a classification model that combined permission requests and application programme interface calls. The model was tested with a malware dataset containing 27,891 Android apps. A similar approach was taken by Li et al. ( 2019a , b ), who proposed a reliable classifier for Android malware detection based on factorisation machine architecture and extraction of Android app features from manifest files and source code.

Literature reviews

In addition to the different methods and models for intrusion detection systems, various literature reviews on the methods and datasets were also found. Liu and Lang ( 2019 ) proposed a taxonomy of intrusion detection systems that uses data objects as the main dimension to classify and summarise machine learning and deep learning-based intrusion detection literature. They also presented four different benchmark datasets for machine-learning detection systems. Ahmed et al. ( 2016 ) presented an in-depth analysis of four major categories of anomaly detection techniques, which include classification, statistical, information theory and clustering. Hajj et al. ( 2021 ) gave a comprehensive overview of anomaly-based intrusion detection systems. Their article gives an overview of the requirements, methods, measurements and datasets that are used in an intrusion detection system.

Within the framework of machine learning, Chattopadhyay et al. ( 2018 ) conducted a comprehensive review and meta-analysis on the application of machine-learning techniques in intrusion detection systems. They also compared different machine learning techniques in different datasets and summarised the performance. Vidros et al. ( 2017 ) presented an overview of characteristics and methods in automatic detection of online recruitment fraud. They also published an available dataset of 17,880 annotated job ads, retrieved from the use of a real-life system. An empirical study of different unsupervised learning algorithms used in the detection of unknown attacks was presented by Meira et al. ( 2020 ).

New datasets

Kilincer et al. ( 2021 ) reviewed different intrusion detection system datasets in detail. They had a closer look at the UNS-NB15, ISCX-2012, NSL-KDD and CIDDS-001 datasets. Stojanovic et al. ( 2020 ) also provided a review on datasets and their creation for use in advanced persistent threat detection in the literature. Another review of datasets was provided by Sarker et al. ( 2020 ), who focused on cybersecurity data science as part of their research and provided an overview from a machine-learning perspective. Avila et al. ( 2021 ) conducted a systematic literature review on the use of security logs for data leak detection. They recommended a new classification of information leak, which uses the GDPR principles, identified the most widely publicly available dataset for threat detection, described the attack types in the datasets and the algorithms used for data leak detection. Tuncer et al. ( 2020 ) presented a bytecode-based detection method consisting of feature extraction using local neighbourhood binary patterns. They chose a byte-based malware dataset to investigate the performance of the proposed local neighbourhood binary pattern-based detection method. With a different focus, Mauro et al. ( 2020 ) gave an experimental overview of neural-based techniques relevant to intrusion detection. They assessed the value of neural networks using the Bot-IoT and UNSW-DB15 datasets.

Another category of results in the context of countermeasure datasets is those that were presented as new. Moreno et al. ( 2018 ) developed a database of 300 security-related accidents from European and American sources. The database contained cybersecurity-related events in the chemical and process industry. Damasevicius et al. ( 2020 ) proposed a new dataset (LITNET-2020) for network intrusion detection. The dataset is a new annotated network benchmark dataset obtained from the real-world academic network. It presents real-world examples of normal and under-attack network traffic. With a focus on IoT intrusion detection systems, Alsaedi et al. ( 2020 ) proposed a new benchmark IoT/IIot datasets for assessing intrusion detection system-enabled IoT systems. Also in the context of IoT, Vaccari et al. ( 2020 ) proposed a dataset focusing on message queue telemetry transport protocols, which can be used to train machine-learning models. To evaluate the performance of machine-learning classifiers, Mahfouz et al. ( 2020 ) created a dataset called Game Theory and Cybersecurity (GTCS). A dataset containing 22,000 malware and benign samples was constructed by Martin et al. ( 2019 ). The dataset can be used as a benchmark to test the algorithm for Android malware classification and clustering techniques. In addition, Laso et al. ( 2017 ) presented a dataset created to investigate how data and information quality estimates enable the detection of anomalies and malicious acts in cyber-physical systems. The dataset contained various cyberattacks and is publicly available.

In addition to the results described above, several other studies were found that fit into the category of countermeasures. Johnson et al. ( 2016 ) examined the time between vulnerability disclosures. Using another vulnerabilities database, Common Vulnerabilities and Exposures (CVE), Subroto and Apriyana ( 2019 ) presented an algorithm model that uses big data analysis of social media and statistical machine learning to predict cyber risks. A similar databank but with a different focus, Common Vulnerability Scoring System, was used by Chatterjee and Thekdi ( 2020 ) to present an iterative data-driven learning approach to vulnerability assessment and management for complex systems. Using the CICIDS2017 dataset to evaluate the performance, Malik et al. ( 2020 ) proposed a control plane-based orchestration for varied, sophisticated threats and attacks. The same dataset was used in another study by Lee et al. ( 2019 ), who developed an artificial security information event management system based on a combination of event profiling for data processing and different artificial network methods. To exploit the interdependence between multiple series, Fang et al. ( 2021 ) proposed a statistical framework. In order to validate the framework, the authors applied it to a dataset of enterprise-level security breaches from the Privacy Rights Clearinghouse and Identity Theft Center database. Another framework with a defensive aspect was recommended by Li et al. ( 2021 ) to increase the robustness of deep neural networks against adversarial malware evasion attacks. Sarabi et al. ( 2016 ) investigated whether and to what extent business details can help assess an organisation's risk of data breaches and the distribution of risk across different types of incidents to create policies for protection, detection and recovery from different forms of security incidents. They used data from the VERIS Community Database.

Datasets that have been classified into the cybersecurity category are detailed in Supplementary Table 3. Due to overlap, records from the previous tables may also be included.

This paper presented a systematic literature review of studies on cyber risk and cybersecurity that used datasets. Within this framework, 255 studies were fully reviewed and then classified into three different categories. Then, 79 datasets were consolidated from these studies. These datasets were subsequently analysed, and important information was selected through a process of filtering out. This information was recorded in a table and enhanced with further information as part of the literature analysis. This made it possible to create a comprehensive overview of the datasets. For example, each dataset contains a description of where the data came from and how the data has been used to date. This allows different datasets to be compared and the appropriate dataset for the use case to be selected. This research certainly has limitations, so our selection of datasets cannot necessarily be taken as a representation of all available datasets related to cyber risks and cybersecurity. For example, literature searches were conducted in four academic databases and only found datasets that were used in the literature. Many research projects also used old datasets that may no longer consider current developments. In addition, the data are often focused on only one observation and are limited in scope. For example, the datasets can only be applied to specific contexts and are also subject to further limitations (e.g. region, industry, operating system). In the context of the applicability of the datasets, it is unfortunately not possible to make a clear statement on the extent to which they can be integrated into academic or practical areas of application or how great this effort is. Finally, it remains to be pointed out that this is an overview of currently available datasets, which are subject to constant change.

Due to the lack of datasets on cyber risks in the academic literature, additional datasets on cyber risks were integrated as part of a further search. The search was conducted on the Google Dataset search portal. The search term used was ‘cyber risk datasets’. Over 100 results were found. However, due to the low significance and verifiability, only 20 selected datasets were included. These can be found in Table 2  in the “ Appendix ”.

The results of the literature review and datasets also showed that there continues to be a lack of available, open cyber datasets. This lack of data is reflected in cyber insurance, for example, as it is difficult to find a risk-based premium without a sufficient database (Nurse et al. 2020 ). The global cyber insurance market was estimated at USD 5.5 billion in 2020 (Dyson 2020 ). When compared to the USD 1 trillion global losses from cybercrime (Maleks Smith et al. 2020 ), it is clear that there exists a significant cyber risk awareness challenge for both the insurance industry and international commerce. Without comprehensive and qualitative data on cyber losses, it can be difficult to estimate potential losses from cyberattacks and price cyber insurance accordingly (GAO 2021 ). For instance, the average cyber insurance loss increased from USD 145,000 in 2019 to USD 359,000 in 2020 (FitchRatings 2021 ). Cyber insurance is an important risk management tool to mitigate the financial impact of cybercrime. This is particularly evident in the impact of different industries. In the Energy & Commodities financial markets, a ransomware attack on the Colonial Pipeline led to a substantial impact on the U.S. economy. As a result of the attack, about 45% of the U.S. East Coast was temporarily unable to obtain supplies of diesel, petrol and jet fuel. This caused the average price in the U.S. to rise 7 cents to USD 3.04 per gallon, the highest in seven years (Garber 2021 ). In addition, Colonial Pipeline confirmed that it paid a USD 4.4 million ransom to a hacker gang after the attack. Another ransomware attack occurred in the healthcare and government sector. The victim of this attack was the Irish Health Service Executive (HSE). A ransom payment of USD 20 million was demanded from the Irish government to restore services after the hack (Tidy 2021 ). In the car manufacturing sector, Miller and Valasek ( 2015 ) initiated a cyberattack that resulted in the recall of 1.4 million vehicles and cost manufacturers EUR 761 million. The risk that arises in the context of these events is the potential for the accumulation of cyber losses, which is why cyber insurers are not expanding their capacity. An example of this accumulation of cyber risks is the NotPetya malware attack, which originated in Russia, struck in Ukraine, and rapidly spread around the world, causing at least USD 10 billion in damage (GAO 2021 ). These events highlight the importance of proper cyber risk management.

This research provides cyber insurance stakeholders with an overview of cyber datasets. Cyber insurers can use the open datasets to improve their understanding and assessment of cyber risks. For example, the impact datasets can be used to better measure financial impacts and their frequencies. These data could be combined with existing portfolio data from cyber insurers and integrated with existing pricing tools and factors to better assess cyber risk valuation. Although most cyber insurers have sparse historical cyber policy and claims data, they remain too small at present for accurate prediction (Bessy-Roland et al. 2021 ). A combination of portfolio data and external datasets would support risk-adjusted pricing for cyber insurance, which would also benefit policyholders. In addition, cyber insurance stakeholders can use the datasets to identify patterns and make better predictions, which would benefit sustainable cyber insurance coverage. In terms of cyber risk cause datasets, cyber insurers can use the data to review their insurance products. For example, the data could provide information on which cyber risks have not been sufficiently considered in product design or where improvements are needed. A combination of cyber cause and cybersecurity datasets can help establish uniform definitions to provide greater transparency and clarity. Consistent terminology could lead to a more sustainable cyber market, where cyber insurers make informed decisions about the level of coverage and policyholders understand their coverage (The Geneva Association 2020).

In addition to the cyber insurance community, this research also supports cybersecurity stakeholders. The reviewed literature can be used to provide a contemporary, contextual and categorised summary of available datasets. This supports efficient and timely progress in cyber risk research and is beneficial given the dynamic nature of cyber risks. With the help of the described cybersecurity datasets and the identified information, a comparison of different datasets is possible. The datasets can be used to evaluate the effectiveness of countermeasures in simulated cyberattacks or to test intrusion detection systems.

In this paper, we conducted a systematic review of studies on cyber risk and cybersecurity databases. We found that most of the datasets are in the field of intrusion detection and machine learning and are used for technical cybersecurity aspects. The available datasets on cyber risks were relatively less represented. Due to the dynamic nature and lack of historical data, assessing and understanding cyber risk is a major challenge for cyber insurance stakeholders. To address this challenge, a greater density of cyber data is needed to support cyber insurers in risk management and researchers with cyber risk-related topics. With reference to ‘Open Science’ FAIR data (Jacobsen et al. 2020 ), mandatory reporting of cyber incidents could help improve cyber understanding, awareness and loss prevention among companies and insurers. Through greater availability of data, cyber risks can be better understood, enabling researchers to conduct more in-depth research into these risks. Companies could incorporate this new knowledge into their corporate culture to reduce cyber risks. For insurance companies, this would have the advantage that all insurers would have the same understanding of cyber risks, which would support sustainable risk-based pricing. In addition, common definitions of cyber risks could be derived from new data.

The cybersecurity databases summarised and categorised in this research could provide a different perspective on cyber risks that would enable the formulation of common definitions in cyber policies. The datasets can help companies addressing cybersecurity and cyber risk as part of risk management assess their internal cyber posture and cybersecurity measures. The paper can also help improve risk awareness and corporate behaviour, and provides the research community with a comprehensive overview of peer-reviewed datasets and other available datasets in the area of cyber risk and cybersecurity. This approach is intended to support the free availability of data for research. The complete tabulated review of the literature is included in the Supplementary Material.

This work provides directions for several paths of future work. First, there are currently few publicly available datasets for cyber risk and cybersecurity. The older datasets that are still widely used no longer reflect today's technical environment. Moreover, they can often only be used in one context, and the scope of the samples is very limited. It would be of great value if more datasets were publicly available that reflect current environmental conditions. This could help intrusion detection systems to consider current events and thus lead to a higher success rate. It could also compensate for the disadvantages of older datasets by collecting larger quantities of samples and making this contextualisation more widespread. Another area of research may be the integratability and adaptability of cybersecurity and cyber risk datasets. For example, it is often unclear to what extent datasets can be integrated or adapted to existing data. For cyber risks and cybersecurity, it would be helpful to know what requirements need to be met or what is needed to use the datasets appropriately. In addition, it would certainly be helpful to know whether datasets can be modified to be used for cyber risks or cybersecurity. Finally, the ability for stakeholders to identify machine-readable cybersecurity datasets would be useful because it would allow for even clearer delineations or comparisons between datasets. Due to the lack of publicly available datasets, concrete benchmarks often cannot be applied.

Average cost of a breach of more than 50 million records.

Aamir, M., S.S.H. Rizvi, M.A. Hashmani, M. Zubair, and J. Ahmad. 2021. Machine learning classification of port scanning and DDoS attacks: A comparative analysis. Mehran University Research Journal of Engineering and Technology 40 (1): 215–229. https://doi.org/10.22581/muet1982.2101.19 .

Article   Google Scholar  

Aamir, M., and S.M.A. Zaidi. 2019. DDoS attack detection with feature engineering and machine learning: The framework and performance evaluation. International Journal of Information Security 18 (6): 761–785. https://doi.org/10.1007/s10207-019-00434-1 .

Aassal, A. El, S. Baki, A. Das, and R.M. Verma. 2020. 2020. An in-depth benchmarking and evaluation of phishing detection research for security needs. IEEE Access 8: 22170–22192. https://doi.org/10.1109/ACCESS.2020.2969780 .

Abu Al-Haija, Q., and S. Zein-Sabatto. 2020. An efficient deep-learning-based detection and classification system for cyber-attacks in IoT communication networks. Electronics 9 (12): 26. https://doi.org/10.3390/electronics9122152 .

Adhikari, U., T.H. Morris, and S.Y. Pan. 2018. Applying Hoeffding adaptive trees for real-time cyber-power event and intrusion classification. IEEE Transactions on Smart Grid 9 (5): 4049–4060. https://doi.org/10.1109/tsg.2017.2647778 .

Agarwal, A., P. Sharma, M. Alshehri, A.A. Mohamed, and O. Alfarraj. 2021. Classification model for accuracy and intrusion detection using machine learning approach. PeerJ Computer Science . https://doi.org/10.7717/peerj-cs.437 .

Agrafiotis, I., J.R.C.. Nurse, M. Goldsmith, S. Creese, and D. Upton. 2018. A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate. Journal of Cybersecurity 4: tyy006.

Agrawal, A., S. Mohammed, and J. Fiaidhi. 2019. Ensemble technique for intruder detection in network traffic. International Journal of Security and Its Applications 13 (3): 1–8. https://doi.org/10.33832/ijsia.2019.13.3.01 .

Ahmad, I., and R.A. Alsemmeari. 2020. Towards improving the intrusion detection through ELM (extreme learning machine). CMC Computers Materials & Continua 65 (2): 1097–1111. https://doi.org/10.32604/cmc.2020.011732 .

Ahmed, M., A.N. Mahmood, and J.K. Hu. 2016. A survey of network anomaly detection techniques. Journal of Network and Computer Applications 60: 19–31. https://doi.org/10.1016/j.jnca.2015.11.016 .

Al-Jarrah, O.Y., O. Alhussein, P.D. Yoo, S. Muhaidat, K. Taha, and K. Kim. 2016. Data randomization and cluster-based partitioning for Botnet intrusion detection. IEEE Transactions on Cybernetics 46 (8): 1796–1806. https://doi.org/10.1109/TCYB.2015.2490802 .

Al-Mhiqani, M.N., R. Ahmad, Z.Z. Abidin, W. Yassin, A. Hassan, K.H. Abdulkareem, N.S. Ali, and Z. Yunos. 2020. A review of insider threat detection: Classification, machine learning techniques, datasets, open challenges, and recommendations. Applied Sciences—Basel 10 (15): 41. https://doi.org/10.3390/app10155208 .

Al-Omari, M., M. Rawashdeh, F. Qutaishat, M. Alshira’H, and N. Ababneh. 2021. An intelligent tree-based intrusion detection model for cyber security. Journal of Network and Systems Management 29 (2): 18. https://doi.org/10.1007/s10922-021-09591-y .

Alabdallah, A., and M. Awad. 2018. Using weighted Support Vector Machine to address the imbalanced classes problem of Intrusion Detection System. KSII Transactions on Internet and Information Systems 12 (10): 5143–5158. https://doi.org/10.3837/tiis.2018.10.027 .

Alazab, M., M. Alazab, A. Shalaginov, A. Mesleh, and A. Awajan. 2020. Intelligent mobile malware detection using permission requests and API calls. Future Generation Computer Systems—the International Journal of eScience 107: 509–521. https://doi.org/10.1016/j.future.2020.02.002 .

Albahar, M.A., R.A. Al-Falluji, and M. Binsawad. 2020. An empirical comparison on malicious activity detection using different neural network-based models. IEEE Access 8: 61549–61564. https://doi.org/10.1109/ACCESS.2020.2984157 .

AlEroud, A.F., and G. Karabatis. 2018. Queryable semantics to detect cyber-attacks: A flow-based detection approach. IEEE Transactions on Systems, Man, and Cybernetics: Systems 48 (2): 207–223. https://doi.org/10.1109/TSMC.2016.2600405 .

Algarni, A.M., V. Thayananthan, and Y.K. Malaiya. 2021. Quantitative assessment of cybersecurity risks for mitigating data breaches in business systems. Applied Sciences (switzerland) . https://doi.org/10.3390/app11083678 .

Alhowaide, A., I. Alsmadi, and J. Tang. 2021. Towards the design of real-time autonomous IoT NIDS. Cluster Computing—the Journal of Networks Software Tools and Applications . https://doi.org/10.1007/s10586-021-03231-5 .

Ali, S., and Y. Li. 2019. Learning multilevel auto-encoders for DDoS attack detection in smart grid network. IEEE Access 7: 108647–108659. https://doi.org/10.1109/ACCESS.2019.2933304 .

AlKadi, O., N. Moustafa, B. Turnbull, and K.K.R. Choo. 2019. Mixture localization-based outliers models for securing data migration in cloud centers. IEEE Access 7: 114607–114618. https://doi.org/10.1109/ACCESS.2019.2935142 .

Allianz. 2021. Allianz Risk Barometer. https://www.agcs.allianz.com/content/dam/onemarketing/agcs/agcs/reports/Allianz-Risk-Barometer-2021.pdf . Accessed 15 May 2021.

Almiani, M., A. AbuGhazleh, A. Al-Rahayfeh, S. Atiewi, and Razaque, A. 2020. Deep recurrent neural network for IoT intrusion detection system. Simulation Modelling Practice and Theory 101: 102031. https://doi.org/10.1016/j.simpat.2019.102031

Alsaedi, A., N. Moustafa, Z. Tari, A. Mahmood, and A. Anwar. 2020. TON_IoT telemetry dataset: A new generation dataset of IoT and IIoT for data-driven intrusion detection systems. IEEE Access 8: 165130–165150. https://doi.org/10.1109/access.2020.3022862 .

Alsamiri, J., and K. Alsubhi. 2019. Internet of Things cyber attacks detection using machine learning. International Journal of Advanced Computer Science and Applications 10 (12): 627–634.

Alsharafat, W. 2013. Applying artificial neural network and eXtended classifier system for network intrusion detection. International Arab Journal of Information Technology 10 (3): 230–238.

Google Scholar  

Amin, R.W., H.E. Sevil, S. Kocak, G. Francia III., and P. Hoover. 2021. The spatial analysis of the malicious uniform resource locators (URLs): 2016 dataset case study. Information (switzerland) 12 (1): 1–18. https://doi.org/10.3390/info12010002 .

Arcuri, M.C., L.Z. Gai, F. Ielasi, and E. Ventisette. 2020. Cyber attacks on hospitality sector: Stock market reaction. Journal of Hospitality and Tourism Technology 11 (2): 277–290. https://doi.org/10.1108/jhtt-05-2019-0080 .

Arp, D., M. Spreitzenbarth, M. Hubner, H. Gascon, K. Rieck, and C.E.R.T. Siemens. 2014. Drebin: Effective and explainable detection of android malware in your pocket. In Ndss 14: 23–26.

Ashtiani, M., and M.A. Azgomi. 2014. A distributed simulation framework for modeling cyber attacks and the evaluation of security measures. Simulation 90 (9): 1071–1102. https://doi.org/10.1177/0037549714540221 .

Atefinia, R., and M. Ahmadi. 2021. Network intrusion detection using multi-architectural modular deep neural network. Journal of Supercomputing 77 (4): 3571–3593. https://doi.org/10.1007/s11227-020-03410-y .

Avila, R., R. Khoury, R. Khoury, and F. Petrillo. 2021. Use of security logs for data leak detection: A systematic literature review. Security and Communication Networks 2021: 29. https://doi.org/10.1155/2021/6615899 .

Azeez, N.A., T.J. Ayemobola, S. Misra, R. Maskeliunas, and R. Damasevicius. 2019. Network Intrusion Detection with a Hashing Based Apriori Algorithm Using Hadoop MapReduce. Computers 8 (4): 15. https://doi.org/10.3390/computers8040086 .

Bakdash, J.Z., S. Hutchinson, E.G. Zaroukian, L.R. Marusich, S. Thirumuruganathan, C. Sample, B. Hoffman, and G. Das. 2018. Malware in the future forecasting of analyst detection of cyber events. Journal of Cybersecurity . https://doi.org/10.1093/cybsec/tyy007 .

Barletta, V.S., D. Caivano, A. Nannavecchia, and M. Scalera. 2020. Intrusion detection for in-vehicle communication networks: An unsupervised Kohonen SOM approach. Future Internet . https://doi.org/10.3390/FI12070119 .

Barzegar, M., and M. Shajari. 2018. Attack scenario reconstruction using intrusion semantics. Expert Systems with Applications 108: 119–133. https://doi.org/10.1016/j.eswa.2018.04.030 .

Bessy-Roland, Y., A. Boumezoued, and C. Hillairet. 2021. Multivariate Hawkes process for cyber insurance. Annals of Actuarial Science 15 (1): 14–39.

Bhardwaj, A., V. Mangat, and R. Vig. 2020. Hyperband tuned deep neural network with well posed stacked sparse AutoEncoder for detection of DDoS attacks in cloud. IEEE Access 8: 181916–181929. https://doi.org/10.1109/ACCESS.2020.3028690 .

Bhati, B.S., C.S. Rai, B. Balamurugan, and F. Al-Turjman. 2020. An intrusion detection scheme based on the ensemble of discriminant classifiers. Computers & Electrical Engineering 86: 9. https://doi.org/10.1016/j.compeleceng.2020.106742 .

Bhattacharya, S., S.S.R. Krishnan, P.K.R. Maddikunta, R. Kaluri, S. Singh, T.R. Gadekallu, M. Alazab, and U. Tariq. 2020. A novel PCA-firefly based XGBoost classification model for intrusion detection in networks using GPU. Electronics 9 (2): 16. https://doi.org/10.3390/electronics9020219 .

Bibi, I., A. Akhunzada, J. Malik, J. Iqbal, A. Musaddiq, and S. Kim. 2020. A dynamic DL-driven architecture to combat sophisticated android malware. IEEE Access 8: 129600–129612. https://doi.org/10.1109/ACCESS.2020.3009819 .

Biener, C., M. Eling, and J.H. Wirfs. 2015. Insurability of cyber risk: An empirical analysis. The   Geneva Papers on Risk and Insurance—Issues and Practice 40 (1): 131–158. https://doi.org/10.1057/gpp.2014.19 .

Binbusayyis, A., and T. Vaiyapuri. 2019. Identifying and benchmarking key features for cyber intrusion detection: An ensemble approach. IEEE Access 7: 106495–106513. https://doi.org/10.1109/ACCESS.2019.2929487 .

Biswas, R., and S. Roy. 2021. Botnet traffic identification using neural networks. Multimedia Tools and Applications . https://doi.org/10.1007/s11042-021-10765-8 .

Bouyeddou, B., F. Harrou, B. Kadri, and Y. Sun. 2021. Detecting network cyber-attacks using an integrated statistical approach. Cluster Computing—the Journal of Networks Software Tools and Applications 24 (2): 1435–1453. https://doi.org/10.1007/s10586-020-03203-1 .

Bozkir, A.S., and M. Aydos. 2020. LogoSENSE: A companion HOG based logo detection scheme for phishing web page and E-mail brand recognition. Computers & Security 95: 18. https://doi.org/10.1016/j.cose.2020.101855 .

Brower, D., and M. McCormick. 2021. Colonial pipeline resumes operations following ransomware attack. Financial Times .

Cai, H., F. Zhang, and A. Levi. 2019. An unsupervised method for detecting shilling attacks in recommender systems by mining item relationship and identifying target items. The Computer Journal 62 (4): 579–597. https://doi.org/10.1093/comjnl/bxy124 .

Cebula, J.J., M.E. Popeck, and L.R. Young. 2014. A Taxonomy of Operational Cyber Security Risks Version 2 .

Chadza, T., K.G. Kyriakopoulos, and S. Lambotharan. 2020. Learning to learn sequential network attacks using hidden Markov models. IEEE Access 8: 134480–134497. https://doi.org/10.1109/ACCESS.2020.3011293 .

Chatterjee, S., and S. Thekdi. 2020. An iterative learning and inference approach to managing dynamic cyber vulnerabilities of complex systems. Reliability Engineering and System Safety . https://doi.org/10.1016/j.ress.2019.106664 .

Chattopadhyay, M., R. Sen, and S. Gupta. 2018. A comprehensive review and meta-analysis on applications of machine learning techniques in intrusion detection. Australasian Journal of Information Systems 22: 27.

Chen, H.S., and J. Fiscus. 2018. The inhospitable vulnerability: A need for cybersecurity risk assessment in the hospitality industry. Journal of Hospitality and Tourism Technology 9 (2): 223–234. https://doi.org/10.1108/JHTT-07-2017-0044 .

Chhabra, G.S., V.P. Singh, and M. Singh. 2020. Cyber forensics framework for big data analytics in IoT environment using machine learning. Multimedia Tools and Applications 79 (23–24): 15881–15900. https://doi.org/10.1007/s11042-018-6338-1 .

Chiba, Z., N. Abghour, K. Moussaid, A. Elomri, and M. Rida. 2019. Intelligent approach to build a Deep Neural Network based IDS for cloud environment using combination of machine learning algorithms. Computers and Security 86: 291–317. https://doi.org/10.1016/j.cose.2019.06.013 .

Choras, M., and R. Kozik. 2015. Machine learning techniques applied to detect cyber attacks on web applications. Logic Journal of the IGPL 23 (1): 45–56. https://doi.org/10.1093/jigpal/jzu038 .

Chowdhury, S., M. Khanzadeh, R. Akula, F. Zhang, S. Zhang, H. Medal, M. Marufuzzaman, and L. Bian. 2017. Botnet detection using graph-based feature clustering. Journal of Big Data 4 (1): 14. https://doi.org/10.1186/s40537-017-0074-7 .

Cost Of A Cyber Incident: Systematic Review And Cross-Validation, Cybersecurity & Infrastructure Agency , 1, https://www.cisa.gov/sites/default/files/publications/CISA-OCE_Cost_of_Cyber_Incidents_Study-FINAL_508.pdf (2020).

D’Hooge, L., T. Wauters, B. Volckaert, and F. De Turck. 2019. Classification hardness for supervised learners on 20 years of intrusion detection data. IEEE Access 7: 167455–167469. https://doi.org/10.1109/access.2019.2953451 .

Damasevicius, R., A. Venckauskas, S. Grigaliunas, J. Toldinas, N. Morkevicius, T. Aleliunas, and P. Smuikys. 2020. LITNET-2020: An annotated real-world network flow dataset for network intrusion detection. Electronics 9 (5): 23. https://doi.org/10.3390/electronics9050800 .

De Giovanni, A.L.D., and M. Pirra. 2020. On the determinants of data breaches: A cointegration analysis. Decisions in Economics and Finance . https://doi.org/10.1007/s10203-020-00301-y .

Deng, L., D. Li, X. Yao, and H. Wang. 2019. Retracted Article: Mobile network intrusion detection for IoT system based on transfer learning algorithm. Cluster Computing 22 (4): 9889–9904. https://doi.org/10.1007/s10586-018-1847-2 .

Donkal, G., and G.K. Verma. 2018. A multimodal fusion based framework to reinforce IDS for securing Big Data environment using Spark. Journal of Information Security and Applications 43: 1–11. https://doi.org/10.1016/j.jisa.2018.10.001 .

Dunn, C., N. Moustafa, and B. Turnbull. 2020. Robustness evaluations of sustainable machine learning models against data Poisoning attacks in the Internet of Things. Sustainability 12 (16): 17. https://doi.org/10.3390/su12166434 .

Dwivedi, S., M. Vardhan, and S. Tripathi. 2021. Multi-parallel adaptive grasshopper optimization technique for detecting anonymous attacks in wireless networks. Wireless Personal Communications . https://doi.org/10.1007/s11277-021-08368-5 .

Dyson, B. 2020. COVID-19 crisis could be ‘watershed’ for cyber insurance, says Swiss Re exec. https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/covid-19-crisis-could-be-watershed-for-cyber-insurance-says-swiss-re-exec-59197154 . Accessed 7 May 2020.

EIOPA. 2018. Understanding cyber insurance—a structured dialogue with insurance companies. https://www.eiopa.europa.eu/sites/default/files/publications/reports/eiopa_understanding_cyber_insurance.pdf . Accessed 28 May 2018

Elijah, A.V., A. Abdullah, N.Z. JhanJhi, M. Supramaniam, and O.B. Abdullateef. 2019. Ensemble and deep-learning methods for two-class and multi-attack anomaly intrusion detection: An empirical study. International Journal of Advanced Computer Science and Applications 10 (9): 520–528.

Eling, M., and K. Jung. 2018. Copula approaches for modeling cross-sectional dependence of data breach losses. Insurance Mathematics & Economics 82: 167–180. https://doi.org/10.1016/j.insmatheco.2018.07.003 .

Eling, M., and W. Schnell. 2016. What do we know about cyber risk and cyber risk insurance? Journal of Risk Finance 17 (5): 474–491. https://doi.org/10.1108/jrf-09-2016-0122 .

Eling, M., and J. Wirfs. 2019. What are the actual costs of cyber risk events? European Journal of Operational Research 272 (3): 1109–1119. https://doi.org/10.1016/j.ejor.2018.07.021 .

Eling, M. 2020. Cyber risk research in business and actuarial science. European Actuarial Journal 10 (2): 303–333.

Elmasry, W., A. Akbulut, and A.H. Zaim. 2019. Empirical study on multiclass classification-based network intrusion detection. Computational Intelligence 35 (4): 919–954. https://doi.org/10.1111/coin.12220 .

Elsaid, S.A., and N.S. Albatati. 2020. An optimized collaborative intrusion detection system for wireless sensor networks. Soft Computing 24 (16): 12553–12567. https://doi.org/10.1007/s00500-020-04695-0 .

Estepa, R., J.E. Díaz-Verdejo, A. Estepa, and G. Madinabeitia. 2020. How much training data is enough? A case study for HTTP anomaly-based intrusion detection. IEEE Access 8: 44410–44425. https://doi.org/10.1109/ACCESS.2020.2977591 .

European Council. 2021. Cybersecurity: how the EU tackles cyber threats. https://www.consilium.europa.eu/en/policies/cybersecurity/ . Accessed 10 May 2021

Falco, G. et al. 2019. Cyber risk research impeded by disciplinary barriers. Science (American Association for the Advancement of Science) 366 (6469): 1066–1069.

Fan, Z.J., Z.P. Tan, C.X. Tan, and X. Li. 2018. An improved integrated prediction method of cyber security situation based on spatial-time analysis. Journal of Internet Technology 19 (6): 1789–1800. https://doi.org/10.3966/160792642018111906015 .

Fang, Z.J., M.C. Xu, S.H. Xu, and T.Z. Hu. 2021. A framework for predicting data breach risk: Leveraging dependence to cope with sparsity. IEEE Transactions on Information Forensics and Security 16: 2186–2201. https://doi.org/10.1109/tifs.2021.3051804 .

Farkas, S., O. Lopez, and M. Thomas. 2021. Cyber claim analysis using Generalized Pareto regression trees with applications to insurance. Insurance: Mathematics and Economics 98: 92–105. https://doi.org/10.1016/j.insmatheco.2021.02.009 .

Farsi, H., A. Fanian, and Z. Taghiyarrenani. 2019. A novel online state-based anomaly detection system for process control networks. International Journal of Critical Infrastructure Protection 27: 11. https://doi.org/10.1016/j.ijcip.2019.100323 .

Ferrag, M.A., L. Maglaras, S. Moschoyiannis, and H. Janicke. 2020. Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications 50: 19. https://doi.org/10.1016/j.jisa.2019.102419 .

Field, M. 2018. WannaCry cyber attack cost the NHS £92m as 19,000 appointments cancelled. https://www.telegraph.co.uk/technology/2018/10/11/wannacry-cyber-attack-cost-nhs-92m-19000-appointments-cancelled/ . Accessed 9 May 2018.

FitchRatings. 2021. U.S. Cyber Insurance Market Update (Spike in Claims Leads to Decline in 2020 Underwriting Performance). https://www.fitchratings.com/research/insurance/us-cyber-insurance-market-update-spike-in-claims-leads-to-decline-in-2020-underwriting-performance-26-05-2021 .

Fossaceca, J.M., T.A. Mazzuchi, and S. Sarkani. 2015. MARK-ELM: Application of a novel Multiple Kernel Learning framework for improving the robustness of network intrusion detection. Expert Systems with Applications 42 (8): 4062–4080. https://doi.org/10.1016/j.eswa.2014.12.040 .

Franke, U., and J. Brynielsson. 2014. Cyber situational awareness–a systematic review of the literature. Computers & security 46: 18–31.

Freeha, K., K.J. Hwan, M. Lars, and M. Robin. 2021. Data breach management: An integrated risk model. Information & Management 58 (1): 103392. https://doi.org/10.1016/j.im.2020.103392 .

Ganeshan, R., and P. Rodrigues. 2020. Crow-AFL: Crow based adaptive fractional lion optimization approach for the intrusion detection. Wireless Personal Communications 111 (4): 2065–2089. https://doi.org/10.1007/s11277-019-06972-0 .

GAO. 2021. CYBER INSURANCE—Insurers and policyholders face challenges in an evolving market. https://www.gao.gov/assets/gao-21-477.pdf . Accessed 16 May 2021.

Garber, J. 2021. Colonial Pipeline fiasco foreshadows impact of Biden energy policy. https://www.foxbusiness.com/markets/colonial-pipeline-fiasco-foreshadows-impact-of-biden-energy-policy . Accessed 4 May 2021.

Gauthama Raman, M.R., N. Somu, S. Jagarapu, T. Manghnani, T. Selvam, K. Krithivasan, and V.S. Shankar Sriram. 2020. An efficient intrusion detection technique based on support vector machine and improved binary gravitational search algorithm. Artificial Intelligence Review 53 (5): 3255–3286. https://doi.org/10.1007/s10462-019-09762-z .

Gavel, S., A.S. Raghuvanshi, and S. Tiwari. 2021. Distributed intrusion detection scheme using dual-axis dimensionality reduction for Internet of things (IoT). Journal of Supercomputing . https://doi.org/10.1007/s11227-021-03697-5 .

GDPR.EU. 2021. FAQ. https://gdpr.eu/faq/ . Accessed 10 May 2021.

Georgescu, T.M., B. Iancu, and M. Zurini. 2019. Named-entity-recognition-based automated system for diagnosing cybersecurity situations in IoT networks. Sensors (switzerland) . https://doi.org/10.3390/s19153380 .

Giudici, P., and E. Raffinetti. 2020. Cyber risk ordering with rank-based statistical models. AStA Advances in Statistical Analysis . https://doi.org/10.1007/s10182-020-00387-0 .

Goh, J., S. Adepu, K.N. Junejo, and A. Mathur. 2016. A dataset to support research in the design of secure water treatment systems. In CRITIS.

Gong, X.Y., J.L. Lu, Y.F. Zhou, H. Qiu, and R. He. 2021. Model uncertainty based annotation error fixing for web attack detection. Journal of Signal Processing Systems for Signal Image and Video Technology 93 (2–3): 187–199. https://doi.org/10.1007/s11265-019-01494-1 .

Goode, S., H. Hoehle, V. Venkatesh, and S.A. Brown. 2017. USER compensation as a data breach recovery action: An investigation of the sony playstation network breach. MIS Quarterly 41 (3): 703–727.

Guo, H., S. Huang, C. Huang, Z. Pan, M. Zhang, and F. Shi. 2020. File entropy signal analysis combined with wavelet decomposition for malware classification. IEEE Access 8: 158961–158971. https://doi.org/10.1109/ACCESS.2020.3020330 .

Habib, M., I. Aljarah, and H. Faris. 2020. A Modified multi-objective particle swarm optimizer-based Lévy flight: An approach toward intrusion detection in Internet of Things. Arabian Journal for Science and Engineering 45 (8): 6081–6108. https://doi.org/10.1007/s13369-020-04476-9 .

Hajj, S., R. El Sibai, J.B. Abdo, J. Demerjian, A. Makhoul, and C. Guyeux. 2021. Anomaly-based intrusion detection systems: The requirements, methods, measurements, and datasets. Transactions on Emerging Telecommunications Technologies 32 (4): 36. https://doi.org/10.1002/ett.4240 .

Heartfield, R., G. Loukas, A. Bezemskij, and E. Panaousis. 2021. Self-configurable cyber-physical intrusion detection for smart homes using reinforcement learning. IEEE Transactions on Information Forensics and Security 16: 1720–1735. https://doi.org/10.1109/tifs.2020.3042049 .

Hemo, B., T. Gafni, K. Cohen, and Q. Zhao. 2020. Searching for anomalies over composite hypotheses. IEEE Transactions on Signal Processing 68: 1181–1196. https://doi.org/10.1109/TSP.2020.2971438

Hindy, H., D. Brosset, E. Bayne, A.K. Seeam, C. Tachtatzis, R. Atkinson, and X. Bellekens. 2020. A taxonomy of network threats and the effect of current datasets on intrusion detection systems. IEEE Access 8: 104650–104675. https://doi.org/10.1109/ACCESS.2020.3000179 .

Hong, W., D. Huang, C. Chen, and J. Lee. 2020. Towards accurate and efficient classification of power system contingencies and cyber-attacks using recurrent neural networks. IEEE Access 8: 123297–123309. https://doi.org/10.1109/ACCESS.2020.3007609 .

Husák, M., M. Zádník, V. Bartos, and P. Sokol. 2020. Dataset of intrusion detection alerts from a sharing platform. Data in Brief 33: 106530.

IBM Security. 2020. Cost of a Data breach Report. https://www.capita.com/sites/g/files/nginej291/files/2020-08/Ponemon-Global-Cost-of-Data-Breach-Study-2020.pdf . Accessed 19 May 2021.

IEEE. 2021. IEEE Quick Facts. https://www.ieee.org/about/at-a-glance.html . Accessed 11 May 2021.

Kilincer, I.F., F. Ertam, and S. Abdulkadir. 2021. Machine learning methods for cyber security intrusion detection: Datasets and comparative study. Computer Networks 188: 107840. https://doi.org/10.1016/j.comnet.2021.107840 .

Jaber, A.N., and S. Ul Rehman. 2020. FCM-SVM based intrusion detection system for cloud computing environment. Cluster Computing—the Journal of Networks Software Tools and Applications 23 (4): 3221–3231. https://doi.org/10.1007/s10586-020-03082-6 .

Jacobs, J., S. Romanosky, B. Edwards, M. Roytman, and I. Adjerid. 2019. Exploit prediction scoring system (epss). arXiv:1908.04856

Jacobsen, A. et al. 2020. FAIR principles: Interpretations and implementation considerations. Data Intelligence 2 (1–2): 10–29. https://doi.org/10.1162/dint_r_00024 .

Jahromi, A.N., S. Hashemi, A. Dehghantanha, R.M. Parizi, and K.K.R. Choo. 2020. An enhanced stacked LSTM method with no random initialization for malware threat hunting in safety and time-critical systems. IEEE Transactions on Emerging Topics in Computational Intelligence 4 (5): 630–640. https://doi.org/10.1109/TETCI.2019.2910243 .

Jang, S., S. Li, and Y. Sung. 2020. FastText-based local feature visualization algorithm for merged image-based malware classification framework for cyber security and cyber defense. Mathematics 8 (3): 13. https://doi.org/10.3390/math8030460 .

Javeed, D., T.H. Gao, and M.T. Khan. 2021. SDN-enabled hybrid DL-driven framework for the detection of emerging cyber threats in IoT. Electronics 10 (8): 16. https://doi.org/10.3390/electronics10080918 .

Johnson, P., D. Gorton, R. Lagerstrom, and M. Ekstedt. 2016. Time between vulnerability disclosures: A measure of software product vulnerability. Computers & Security 62: 278–295. https://doi.org/10.1016/j.cose.2016.08.004 .

Johnson, P., R. Lagerström, M. Ekstedt, and U. Franke. 2018. Can the common vulnerability scoring system be trusted? A Bayesian analysis. IEEE Transactions on Dependable and Secure Computing 15 (6): 1002–1015. https://doi.org/10.1109/TDSC.2016.2644614 .

Junger, M., V. Wang, and M. Schlömer. 2020. Fraud against businesses both online and offline: Crime scripts, business characteristics, efforts, and benefits. Crime Science 9 (1): 13. https://doi.org/10.1186/s40163-020-00119-4 .

Kalutarage, H.K., H.N. Nguyen, and S.A. Shaikh. 2017. Towards a threat assessment framework for apps collusion. Telecommunication Systems 66 (3): 417–430. https://doi.org/10.1007/s11235-017-0296-1 .

Kamarudin, M.H., C. Maple, T. Watson, and N.S. Safa. 2017. A LogitBoost-based algorithm for detecting known and unknown web attacks. IEEE Access 5: 26190–26200. https://doi.org/10.1109/ACCESS.2017.2766844 .

Kasongo, S.M., and Y.X. Sun. 2020. A deep learning method with wrapper based feature extraction for wireless intrusion detection system. Computers & Security 92: 15. https://doi.org/10.1016/j.cose.2020.101752 .

Keserwani, P.K., M.C. Govil, E.S. Pilli, and P. Govil. 2021. A smart anomaly-based intrusion detection system for the Internet of Things (IoT) network using GWO–PSO–RF model. Journal of Reliable Intelligent Environments 7 (1): 3–21. https://doi.org/10.1007/s40860-020-00126-x .

Keshk, M., E. Sitnikova, N. Moustafa, J. Hu, and I. Khalil. 2021. An integrated framework for privacy-preserving based anomaly detection for cyber-physical systems. IEEE Transactions on Sustainable Computing 6 (1): 66–79. https://doi.org/10.1109/TSUSC.2019.2906657 .

Khan, I.A., D.C. Pi, A.K. Bhatia, N. Khan, W. Haider, and A. Wahab. 2020. Generating realistic IoT-based IDS dataset centred on fuzzy qualitative modelling for cyber-physical systems. Electronics Letters 56 (9): 441–443. https://doi.org/10.1049/el.2019.4158 .

Khraisat, A., I. Gondal, P. Vamplew, J. Kamruzzaman, and A. Alazab. 2020. Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine. Electronics 9 (1): 18. https://doi.org/10.3390/electronics9010173 .

Khraisat, A., I. Gondal, P. Vamplew, and J. Kamruzzaman. 2019. Survey of intrusion detection systems: Techniques, datasets and challenges. Cybersecurity 2 (1): 20. https://doi.org/10.1186/s42400-019-0038-7 .

Kilincer, I.F., F. Ertam, and A. Sengur. 2021. Machine learning methods for cyber security intrusion detection: Datasets and comparative study. Computer Networks 188: 16. https://doi.org/10.1016/j.comnet.2021.107840 .

Kim, D., and H.K. Kim. 2019. Automated dataset generation system for collaborative research of cyber threat analysis. Security and Communication Networks 2019: 10. https://doi.org/10.1155/2019/6268476 .

Kim, G., C. Lee, J. Jo, and H. Lim. 2020. Automatic extraction of named entities of cyber threats using a deep Bi-LSTM-CRF network. International Journal of Machine Learning and Cybernetics 11 (10): 2341–2355. https://doi.org/10.1007/s13042-020-01122-6 .

Kirubavathi, G., and R. Anitha. 2016. Botnet detection via mining of traffic flow characteristics. Computers & Electrical Engineering 50: 91–101. https://doi.org/10.1016/j.compeleceng.2016.01.012 .

Kiwia, D., A. Dehghantanha, K.K.R. Choo, and J. Slaughter. 2018. A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence. Journal of Computational Science 27: 394–409. https://doi.org/10.1016/j.jocs.2017.10.020 .

Koroniotis, N., N. Moustafa, and E. Sitnikova. 2020. A new network forensic framework based on deep learning for Internet of Things networks: A particle deep framework. Future Generation Computer Systems 110: 91–106. https://doi.org/10.1016/j.future.2020.03.042 .

Kruse, C.S., B. Frederick, T. Jacobson, and D. Kyle Monticone. 2017. Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care 25 (1): 1–10.

Kshetri, N. 2018. The economics of cyber-insurance. IT Professional 20 (6): 9–14. https://doi.org/10.1109/MITP.2018.2874210 .

Kumar, R., P. Kumar, R. Tripathi, G.P. Gupta, T.R. Gadekallu, and G. Srivastava. 2021. SP2F: A secured privacy-preserving framework for smart agricultural Unmanned Aerial Vehicles. Computer Networks . https://doi.org/10.1016/j.comnet.2021.107819 .

Kumar, R., and R. Tripathi. 2021. DBTP2SF: A deep blockchain-based trustworthy privacy-preserving secured framework in industrial internet of things systems. Transactions on Emerging Telecommunications Technologies 32 (4): 27. https://doi.org/10.1002/ett.4222 .

Laso, P.M., D. Brosset, and J. Puentes. 2017. Dataset of anomalies and malicious acts in a cyber-physical subsystem. Data in Brief 14: 186–191. https://doi.org/10.1016/j.dib.2017.07.038 .

Lee, J., J. Kim, I. Kim, and K. Han. 2019. Cyber threat detection based on artificial neural networks using event profiles. IEEE Access 7: 165607–165626. https://doi.org/10.1109/ACCESS.2019.2953095 .

Lee, S.J., P.D. Yoo, A.T. Asyhari, Y. Jhi, L. Chermak, C.Y. Yeun, and K. Taha. 2020. IMPACT: Impersonation attack detection via edge computing using deep Autoencoder and feature abstraction. IEEE Access 8: 65520–65529. https://doi.org/10.1109/ACCESS.2020.2985089 .

Leong, Y.-Y., and Y.-C. Chen. 2020. Cyber risk cost and management in IoT devices-linked health insurance. The Geneva Papers on Risk and Insurance—Issues and Practice 45 (4): 737–759. https://doi.org/10.1057/s41288-020-00169-4 .

Levi, M. 2017. Assessing the trends, scale and nature of economic cybercrimes: overview and Issues: In Cybercrimes, cybercriminals and their policing, in crime, law and social change. Crime, Law and Social Change 67 (1): 3–20. https://doi.org/10.1007/s10611-016-9645-3 .

Li, C., K. Mills, D. Niu, R. Zhu, H. Zhang, and H. Kinawi. 2019a. Android malware detection based on factorization machine. IEEE Access 7: 184008–184019. https://doi.org/10.1109/ACCESS.2019.2958927 .

Li, D.Q., and Q.M. Li. 2020. Adversarial deep ensemble: evasion attacks and defenses for malware detection. IEEE Transactions on Information Forensics and Security 15: 3886–3900. https://doi.org/10.1109/tifs.2020.3003571 .

Li, D.Q., Q.M. Li, Y.F. Ye, and S.H. Xu. 2021. A framework for enhancing deep neural networks against adversarial malware. IEEE Transactions on Network Science and Engineering 8 (1): 736–750. https://doi.org/10.1109/tnse.2021.3051354 .

Li, R.H., C. Zhang, C. Feng, X. Zhang, and C.J. Tang. 2019b. Locating vulnerability in binaries using deep neural networks. IEEE Access 7: 134660–134676. https://doi.org/10.1109/access.2019.2942043 .

Li, X., M. Xu, P. Vijayakumar, N. Kumar, and X. Liu. 2020. Detection of low-frequency and multi-stage attacks in industrial Internet of Things. IEEE Transactions on Vehicular Technology 69 (8): 8820–8831. https://doi.org/10.1109/TVT.2020.2995133 .

Liu, H.Y., and B. Lang. 2019. Machine learning and deep learning methods for intrusion detection systems: A survey. Applied Sciences—Basel 9 (20): 28. https://doi.org/10.3390/app9204396 .

Lopez-Martin, M., B. Carro, and A. Sanchez-Esguevillas. 2020. Application of deep reinforcement learning to intrusion detection for supervised problems. Expert Systems with Applications . https://doi.org/10.1016/j.eswa.2019.112963 .

Loukas, G., D. Gan, and Tuan Vuong. 2013. A review of cyber threats and defence approaches in emergency management. Future Internet 5: 205–236.

Luo, C.C., S. Su, Y.B. Sun, Q.J. Tan, M. Han, and Z.H. Tian. 2020. A convolution-based system for malicious URLs detection. CMC—Computers Materials Continua 62 (1): 399–411.

Mahbooba, B., M. Timilsina, R. Sahal, and M. Serrano. 2021. Explainable artificial intelligence (XAI) to enhance trust management in intrusion detection systems using decision tree model. Complexity 2021: 11. https://doi.org/10.1155/2021/6634811 .

Mahdavifar, S., and A.A. Ghorbani. 2020. DeNNeS: Deep embedded neural network expert system for detecting cyber attacks. Neural Computing & Applications 32 (18): 14753–14780. https://doi.org/10.1007/s00521-020-04830-w .

Mahfouz, A., A. Abuhussein, D. Venugopal, and S. Shiva. 2020. Ensemble classifiers for network intrusion detection using a novel network attack dataset. Future Internet 12 (11): 1–19. https://doi.org/10.3390/fi12110180 .

Maleks Smith, Z., E. Lostri, and J.A. Lewis. 2020. The hidden costs of cybercrime. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-hidden-costs-of-cybercrime.pdf . Accessed 16 May 2021.

Malik, J., A. Akhunzada, I. Bibi, M. Imran, A. Musaddiq, and S.W. Kim. 2020. Hybrid deep learning: An efficient reconnaissance and surveillance detection mechanism in SDN. IEEE Access 8: 134695–134706. https://doi.org/10.1109/ACCESS.2020.3009849 .

Manimurugan, S. 2020. IoT-Fog-Cloud model for anomaly detection using improved Naive Bayes and principal component analysis. Journal of Ambient Intelligence and Humanized Computing . https://doi.org/10.1007/s12652-020-02723-3 .

Martin, A., R. Lara-Cabrera, and D. Camacho. 2019. Android malware detection through hybrid features fusion and ensemble classifiers: The AndroPyTool framework and the OmniDroid dataset. Information Fusion 52: 128–142. https://doi.org/10.1016/j.inffus.2018.12.006 .

Mauro, M.D., G. Galatro, and A. Liotta. 2020. Experimental review of neural-based approaches for network intrusion management. IEEE Transactions on Network and Service Management 17 (4): 2480–2495. https://doi.org/10.1109/TNSM.2020.3024225 .

McLeod, A., and D. Dolezel. 2018. Cyber-analytics: Modeling factors associated with healthcare data breaches. Decision Support Systems 108: 57–68. https://doi.org/10.1016/j.dss.2018.02.007 .

Meira, J., R. Andrade, I. Praca, J. Carneiro, V. Bolon-Canedo, A. Alonso-Betanzos, and G. Marreiros. 2020. Performance evaluation of unsupervised techniques in cyber-attack anomaly detection. Journal of Ambient Intelligence and Humanized Computing 11 (11): 4477–4489. https://doi.org/10.1007/s12652-019-01417-9 .

Miao, Y., J. Ma, X. Liu, J. Weng, H. Li, and H. Li. 2019. Lightweight fine-grained search over encrypted data in Fog computing. IEEE Transactions on Services Computing 12 (5): 772–785. https://doi.org/10.1109/TSC.2018.2823309 .

Miller, C., and C. Valasek. 2015. Remote exploitation of an unaltered passenger vehicle. Black Hat USA 2015 (S 91).

Mireles, J.D., E. Ficke, J.H. Cho, P. Hurley, and S.H. Xu. 2019. Metrics towards measuring cyber agility. IEEE Transactions on Information Forensics and Security 14 (12): 3217–3232. https://doi.org/10.1109/tifs.2019.2912551 .

Mishra, N., and S. Pandya. 2021. Internet of Things applications, security challenges, attacks, intrusion detection, and future visions: A systematic review. IEEE Access . https://doi.org/10.1109/ACCESS.2021.3073408 .

Monshizadeh, M., V. Khatri, B.G. Atli, R. Kantola, and Z. Yan. 2019. Performance evaluation of a combined anomaly detection platform. IEEE Access 7: 100964–100978. https://doi.org/10.1109/ACCESS.2019.2930832 .

Moreno, V.C., G. Reniers, E. Salzano, and V. Cozzani. 2018. Analysis of physical and cyber security-related events in the chemical and process industry. Process Safety and Environmental Protection 116: 621–631. https://doi.org/10.1016/j.psep.2018.03.026 .

Moro, E.D. 2020. Towards an economic cyber loss index for parametric cover based on IT security indicator: A preliminary analysis. Risks . https://doi.org/10.3390/risks8020045 .

Moustafa, N., E. Adi, B. Turnbull, and J. Hu. 2018. A new threat intelligence scheme for safeguarding industry 4.0 systems. IEEE Access 6: 32910–32924. https://doi.org/10.1109/ACCESS.2018.2844794 .

Moustakidis, S., and P. Karlsson. 2020. A novel feature extraction methodology using Siamese convolutional neural networks for intrusion detection. Cybersecurity . https://doi.org/10.1186/s42400-020-00056-4 .

Mukhopadhyay, A., S. Chatterjee, K.K. Bagchi, P.J. Kirs, and G.K. Shukla. 2019. Cyber Risk Assessment and Mitigation (CRAM) framework using Logit and Probit models for cyber insurance. Information Systems Frontiers 21 (5): 997–1018. https://doi.org/10.1007/s10796-017-9808-5 .

Murphey, H. 2021a. Biden signs executive order to strengthen US cyber security. https://www.ft.com/content/4d808359-b504-4014-85f6-68e7a2851bf1?accessToken=zwAAAXl0_ifgkc9NgINZtQRAFNOF9mjnooUb8Q.MEYCIQDw46SFWsMn1iyuz3kvgAmn6mxc0rIVfw10Lg1ovJSfJwIhAK2X2URzfSqHwIS7ddRCvSt2nGC2DcdoiDTG49-4TeEt&sharetype=gift?token=fbcd6323-1ecf-4fc3-b136-b5b0dd6a8756 . Accessed 7 May 2021.

Murphey, H. 2021b. Millions of connected devices have security flaws, study shows. https://www.ft.com/content/0bf92003-926d-4dee-87d7-b01f7c3e9621?accessToken=zwAAAXnA7f2Ikc8L-SADkm1N7tOH17AffD6WIQ.MEQCIDjBuROvhmYV0Mx3iB0cEV7m5oND1uaCICxJu0mzxM0PAiBam98q9zfHiTB6hKGr1gGl0Azt85yazdpX9K5sI8se3Q&sharetype=gift?token=2538218d-77d9-4dd3-9649-3cb556a34e51 . Accessed 6 May 2021.

Murugesan, V., M. Shalinie, and M.H. Yang. 2018. Design and analysis of hybrid single packet IP traceback scheme. IET Networks 7 (3): 141–151. https://doi.org/10.1049/iet-net.2017.0115 .

Mwitondi, K.S., and S.A. Zargari. 2018. An iterative multiple sampling method for intrusion detection. Information Security Journal 27 (4): 230–239. https://doi.org/10.1080/19393555.2018.1539790 .

Neto, N.N., S. Madnick, A.M.G. De Paula, and N.M. Borges. 2021. Developing a global data breach database and the challenges encountered. ACM Journal of Data and Information Quality 13 (1): 33. https://doi.org/10.1145/3439873 .

Nurse, J.R.C., L. Axon, A. Erola, I. Agrafiotis, M. Goldsmith, and S. Creese. 2020. The data that drives cyber insurance: A study into the underwriting and claims processes. In 2020 International conference on cyber situational awareness, data analytics and assessment (CyberSA), 15–19 June 2020.

Oliveira, N., I. Praca, E. Maia, and O. Sousa. 2021. Intelligent cyber attack detection and classification for network-based intrusion detection systems. Applied Sciences—Basel 11 (4): 21. https://doi.org/10.3390/app11041674 .

Page, M.J. et al. 2021. The PRISMA 2020 statement: An updated guideline for reporting systematic reviews. Systematic Reviews 10 (1): 89. https://doi.org/10.1186/s13643-021-01626-4 .

Pajouh, H.H., R. Javidan, R. Khayami, A. Dehghantanha, and K.R. Choo. 2019. A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Transactions on Emerging Topics in Computing 7 (2): 314–323. https://doi.org/10.1109/TETC.2016.2633228 .

Parra, G.D., P. Rad, K.K.R. Choo, and N. Beebe. 2020. Detecting Internet of Things attacks using distributed deep learning. Journal of Network and Computer Applications 163: 13. https://doi.org/10.1016/j.jnca.2020.102662 .

Paté-Cornell, M.E., M. Kuypers, M. Smith, and P. Keller. 2018. Cyber risk management for critical infrastructure: A risk analysis model and three case studies. Risk Analysis 38 (2): 226–241. https://doi.org/10.1111/risa.12844 .

Pooser, D.M., M.J. Browne, and O. Arkhangelska. 2018. Growth in the perception of cyber risk: evidence from U.S. P&C Insurers. The Geneva Papers on Risk and Insurance—Issues and Practice 43 (2): 208–223. https://doi.org/10.1057/s41288-017-0077-9 .

Pu, G., L. Wang, J. Shen, and F. Dong. 2021. A hybrid unsupervised clustering-based anomaly detection method. Tsinghua Science and Technology 26 (2): 146–153. https://doi.org/10.26599/TST.2019.9010051 .

Qiu, J., W. Luo, L. Pan, Y. Tai, J. Zhang, and Y. Xiang. 2019. Predicting the impact of android malicious samples via machine learning. IEEE Access 7: 66304–66316. https://doi.org/10.1109/ACCESS.2019.2914311 .

Qu, X., L. Yang, K. Guo, M. Sun, L. Ma, T. Feng, S. Ren, K. Li, and X. Ma. 2020. Direct batch growth hierarchical self-organizing mapping based on statistics for efficient network intrusion detection. IEEE Access 8: 42251–42260. https://doi.org/10.1109/ACCESS.2020.2976810 .

Rahman, Md.S., S. Halder, Md. Ashraf Uddin, and U.K. Acharjee. 2021. An efficient hybrid system for anomaly detection in social networks. Cybersecurity 4 (1): 10. https://doi.org/10.1186/s42400-021-00074-w .

Ramaiah, M., V. Chandrasekaran, V. Ravi, and N. Kumar. 2021. An intrusion detection system using optimized deep neural network architecture. Transactions on Emerging Telecommunications Technologies 32 (4): 17. https://doi.org/10.1002/ett.4221 .

Raman, M.R.G., K. Kannan, S.K. Pal, and V.S.S. Sriram. 2016. Rough set-hypergraph-based feature selection approach for intrusion detection systems. Defence Science Journal 66 (6): 612–617. https://doi.org/10.14429/dsj.66.10802 .

Rathore, S., J.H. Park. 2018. Semi-supervised learning based distributed attack detection framework for IoT. Applied Soft Computing 72: 79–89. https://doi.org/10.1016/j.asoc.2018.05.049 .

Romanosky, S., L. Ablon, A. Kuehn, and T. Jones. 2019. Content analysis of cyber insurance policies: How do carriers price cyber risk? Journal of Cybersecurity (oxford) 5 (1): tyz002.

Sarabi, A., P. Naghizadeh, Y. Liu, and M. Liu. 2016. Risky business: Fine-grained data breach prediction using business profiles. Journal of Cybersecurity 2 (1): 15–28. https://doi.org/10.1093/cybsec/tyw004 .

Sardi, Alberto, Alessandro Rizzi, Enrico Sorano, and Anna Guerrieri. 2021. Cyber risk in health facilities: A systematic literature review. Sustainability 12 (17): 7002.

Sarker, Iqbal H., A.S.M. Kayes, Shahriar Badsha, Hamed Alqahtani, Paul Watters, and Alex Ng. 2020. Cybersecurity data science: An overview from machine learning perspective. Journal of Big Data 7 (1): 41. https://doi.org/10.1186/s40537-020-00318-5 .

Scopus. 2021. Factsheet. https://www.elsevier.com/__data/assets/pdf_file/0017/114533/Scopus_GlobalResearch_Factsheet2019_FINAL_WEB.pdf . Accessed 11 May 2021.

Sentuna, A., A. Alsadoon, P.W.C. Prasad, M. Saadeh, and O.H. Alsadoon. 2021. A novel Enhanced Naïve Bayes Posterior Probability (ENBPP) using machine learning: Cyber threat analysis. Neural Processing Letters 53 (1): 177–209. https://doi.org/10.1007/s11063-020-10381-x .

Shaukat, K., S.H. Luo, V. Varadharajan, I.A. Hameed, S. Chen, D.X. Liu, and J.M. Li. 2020. Performance comparison and current challenges of using machine learning techniques in cybersecurity. Energies 13 (10): 27. https://doi.org/10.3390/en13102509 .

Sheehan, B., F. Murphy, M. Mullins, and C. Ryan. 2019. Connected and autonomous vehicles: A cyber-risk classification framework. Transportation Research Part a: Policy and Practice 124: 523–536. https://doi.org/10.1016/j.tra.2018.06.033 .

Sheehan, B., F. Murphy, A.N. Kia, and R. Kiely. 2021. A quantitative bow-tie cyber risk classification and assessment framework. Journal of Risk Research 24 (12): 1619–1638.

Shlomo, A., M. Kalech, and R. Moskovitch. 2021. Temporal pattern-based malicious activity detection in SCADA systems. Computers & Security 102: 17. https://doi.org/10.1016/j.cose.2020.102153 .

Singh, K.J., and T. De. 2020. Efficient classification of DDoS attacks using an ensemble feature selection algorithm. Journal of Intelligent Systems 29 (1): 71–83. https://doi.org/10.1515/jisys-2017-0472 .

Skrjanc, I., S. Ozawa, T. Ban, and D. Dovzan. 2018. Large-scale cyber attacks monitoring using Evolving Cauchy Possibilistic Clustering. Applied Soft Computing 62: 592–601. https://doi.org/10.1016/j.asoc.2017.11.008 .

Smart, W. 2018. Lessons learned review of the WannaCry Ransomware Cyber Attack. https://www.england.nhs.uk/wp-content/uploads/2018/02/lessons-learned-review-wannacry-ransomware-cyber-attack-cio-review.pdf . Accessed 7 May 2021.

Sornette, D., T. Maillart, and W. Kröger. 2013. Exploring the limits of safety analysis in complex technological systems. International Journal of Disaster Risk Reduction 6: 59–66. https://doi.org/10.1016/j.ijdrr.2013.04.002 .

Sovacool, B.K. 2008. The costs of failure: A preliminary assessment of major energy accidents, 1907–2007. Energy Policy 36 (5): 1802–1820. https://doi.org/10.1016/j.enpol.2008.01.040 .

SpringerLink. 2021. Journal Search. https://rd.springer.com/search?facet-content-type=%22Journal%22 . Accessed 11 May 2021.

Stojanovic, B., K. Hofer-Schmitz, and U. Kleb. 2020. APT datasets and attack modeling for automated detection methods: A review. Computers & Security 92: 19. https://doi.org/10.1016/j.cose.2020.101734 .

Subroto, A., and A. Apriyana. 2019. Cyber risk prediction through social media big data analytics and statistical machine learning. Journal of Big Data . https://doi.org/10.1186/s40537-019-0216-1 .

Tan, Z., A. Jamdagni, X. He, P. Nanda, R.P. Liu, and J. Hu. 2015. Detection of denial-of-service attacks based on computer vision techniques. IEEE Transactions on Computers 64 (9): 2519–2533. https://doi.org/10.1109/TC.2014.2375218 .

Tidy, J. 2021. Irish cyber-attack: Hackers bail out Irish health service for free. https://www.bbc.com/news/world-europe-57197688 . Accessed 6 May 2021.

Tuncer, T., F. Ertam, and S. Dogan. 2020. Automated malware recognition method based on local neighborhood binary pattern. Multimedia Tools and Applications 79 (37–38): 27815–27832. https://doi.org/10.1007/s11042-020-09376-6 .

Uhm, Y., and W. Pak. 2021. Service-aware two-level partitioning for machine learning-based network intrusion detection with high performance and high scalability. IEEE Access 9: 6608–6622. https://doi.org/10.1109/ACCESS.2020.3048900 .

Ulven, J.B., and G. Wangen. 2021. A systematic review of cybersecurity risks in higher education. Future Internet 13 (2): 1–40. https://doi.org/10.3390/fi13020039 .

Vaccari, I., G. Chiola, M. Aiello, M. Mongelli, and E. Cambiaso. 2020. MQTTset, a new dataset for machine learning techniques on MQTT. Sensors 20 (22): 17. https://doi.org/10.3390/s20226578 .

Valeriano, B., and R.C. Maness. 2014. The dynamics of cyber conflict between rival antagonists, 2001–11. Journal of Peace Research 51 (3): 347–360. https://doi.org/10.1177/0022343313518940 .

Varghese, J.E., and B. Muniyal. 2021. An Efficient IDS framework for DDoS attacks in SDN environment. IEEE Access 9: 69680–69699. https://doi.org/10.1109/ACCESS.2021.3078065 .

Varsha, M. V., P. Vinod, K.A. Dhanya. 2017 Identification of malicious android app using manifest and opcode features. Journal of Computer Virology and Hacking Techniques 13 (2): 125–138. https://doi.org/10.1007/s11416-016-0277-z

Velliangiri, S., and H.M. Pandey. 2020. Fuzzy-Taylor-elephant herd optimization inspired Deep Belief Network for DDoS attack detection and comparison with state-of-the-arts algorithms. Future Generation Computer Systems—the International Journal of Escience 110: 80–90. https://doi.org/10.1016/j.future.2020.03.049 .

Verma, A., and V. Ranga. 2020. Machine learning based intrusion detection systems for IoT applications. Wireless Personal Communications 111 (4): 2287–2310. https://doi.org/10.1007/s11277-019-06986-8 .

Vidros, S., C. Kolias, G. Kambourakis, and L. Akoglu. 2017. Automatic detection of online recruitment frauds: Characteristics, methods, and a public dataset. Future Internet 9 (1): 19. https://doi.org/10.3390/fi9010006 .

Vinayakumar, R., M. Alazab, K.P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman. 2019. Deep learning approach for intelligent intrusion detection system. IEEE Access 7: 41525–41550. https://doi.org/10.1109/access.2019.2895334 .

Walker-Roberts, S., M. Hammoudeh, O. Aldabbas, M. Aydin, and A. Dehghantanha. 2020. Threats on the horizon: Understanding security threats in the era of cyber-physical systems. Journal of Supercomputing 76 (4): 2643–2664. https://doi.org/10.1007/s11227-019-03028-9 .

Web of Science. 2021. Web of Science: Science Citation Index Expanded. https://clarivate.com/webofsciencegroup/solutions/webofscience-scie/ . Accessed 11 May 2021.

World Economic Forum. 2020. WEF Global Risk Report. http://www3.weforum.org/docs/WEF_Global_Risk_Report_2020.pdf . Accessed 13 May 2020.

Xin, Y., L. Kong, Z. Liu, Y. Chen, Y. Li, H. Zhu, M. Gao, H. Hou, and C. Wang. 2018. Machine learning and deep learning methods for cybersecurity. IEEE Access 6: 35365–35381. https://doi.org/10.1109/ACCESS.2018.2836950 .

Xu, C., J. Zhang, K. Chang, and C. Long. 2013. Uncovering collusive spammers in Chinese review websites. In Proceedings of the 22nd ACM international conference on Information & Knowledge Management.

Yang, J., T. Li, G. Liang, W. He, and Y. Zhao. 2019. A Simple recurrent unit model based intrusion detection system with DCGAN. IEEE Access 7: 83286–83296. https://doi.org/10.1109/ACCESS.2019.2922692 .

Yuan, B.G., J.F. Wang, D. Liu, W. Guo, P. Wu, and X.H. Bao. 2020. Byte-level malware classification based on Markov images and deep learning. Computers & Security 92: 12. https://doi.org/10.1016/j.cose.2020.101740 .

Zhang, S., X.M. Ou, and D. Caragea. 2015. Predicting cyber risks through national vulnerability database. Information Security Journal 24 (4–6): 194–206. https://doi.org/10.1080/19393555.2015.1111961 .

Zhang, Y., P. Li, and X. Wang. 2019. Intrusion detection for IoT based on improved genetic algorithm and deep belief network. IEEE Access 7: 31711–31722.

Zheng, Muwei, Hannah Robbins, Zimo Chai, Prakash Thapa, and Tyler Moore. 2018. Cybersecurity research datasets: taxonomy and empirical analysis. In 11th {USENIX} workshop on cyber security experimentation and test ({CSET} 18).

Zhou, X., W. Liang, S. Shimizu, J. Ma, and Q. Jin. 2021. Siamese neural network based few-shot learning for anomaly detection in industrial cyber-physical systems. IEEE Transactions on Industrial Informatics 17 (8): 5790–5798. https://doi.org/10.1109/TII.2020.3047675 .

Zhou, Y.Y., G. Cheng, S.Q. Jiang, and M. Dai. 2020. Building an efficient intrusion detection system based on feature selection and ensemble classifier. Computer Networks 174: 17. https://doi.org/10.1016/j.comnet.2020.107247 .

Download references

Open Access funding provided by the IReL Consortium.

Author information

Authors and affiliations.

University of Limerick, Limerick, Ireland

Frank Cremer, Barry Sheehan, Arash N. Kia, Martin Mullins & Finbarr Murphy

TH Köln University of Applied Sciences, Cologne, Germany

Michael Fortmann & Stefan Materne

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Barry Sheehan .

Ethics declarations

Conflict of interest.

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Additional information

Publisher's note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary Information

Below is the link to the electronic supplementary material.

Supplementary file1 (PDF 334 kb)

Supplementary file1 (docx 418 kb), rights and permissions.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and permissions

About this article

Cremer, F., Sheehan, B., Fortmann, M. et al. Cyber risk and cybersecurity: a systematic review of data availability. Geneva Pap Risk Insur Issues Pract 47 , 698–736 (2022). https://doi.org/10.1057/s41288-022-00266-6

Download citation

Received : 15 June 2021

Accepted : 20 January 2022

Published : 17 February 2022

Issue Date : July 2022

DOI : https://doi.org/10.1057/s41288-022-00266-6

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Cyber insurance
• Systematic review
• Cybersecurity
• Find a journal
• Publish with us
• Track your research

• Privacy Policy

Buy Me a Coffee

Home » 500+ Cyber Security Research Topics

500+ Cyber Security Research Topics

Cybersecurity has become an increasingly important topic in recent years as more and more of our lives are spent online. With the rise of the digital age, there has been a corresponding increase in the number and severity of cyber attacks. As such, research into cybersecurity has become critical in order to protect individuals, businesses, and governments from these threats. In this blog post, we will explore some of the most pressing cybersecurity research topics, from the latest trends in cyber attacks to emerging technologies that can help prevent them. Whether you are a cybersecurity professional, a Master’s or Ph.D. student, or simply interested in the field, this post will provide valuable insights into the challenges and opportunities in this rapidly evolving area of study.

Cyber Security Research Topics

Cyber Security Research Topics are as follows:

• The role of machine learning in detecting cyber threats
• The impact of cloud computing on cyber security
• Cyber warfare and its effects on national security
• The rise of ransomware attacks and their prevention methods
• Evaluating the effectiveness of network intrusion detection systems
• The use of blockchain technology in enhancing cyber security
• Investigating the role of cyber security in protecting critical infrastructure
• The ethics of hacking and its implications for cyber security professionals
• Developing a secure software development lifecycle (SSDLC)
• The role of artificial intelligence in cyber security
• Evaluating the effectiveness of multi-factor authentication
• Investigating the impact of social engineering on cyber security
• The role of cyber insurance in mitigating cyber risks
• Developing secure IoT (Internet of Things) systems
• Investigating the challenges of cyber security in the healthcare industry
• Evaluating the effectiveness of penetration testing
• Investigating the impact of big data on cyber security
• The role of quantum computing in breaking current encryption methods
• Developing a secure BYOD (Bring Your Own Device) policy
• The impact of cyber security breaches on a company’s reputation
• The role of cyber security in protecting financial transactions
• Evaluating the effectiveness of anti-virus software
• The use of biometrics in enhancing cyber security
• Investigating the impact of cyber security on the supply chain
• The role of cyber security in protecting personal privacy
• Developing a secure cloud storage system
• Evaluating the effectiveness of firewall technologies
• Investigating the impact of cyber security on e-commerce
• The role of cyber security in protecting intellectual property
• Developing a secure remote access policy
• Investigating the challenges of securing mobile devices
• The role of cyber security in protecting government agencies
• Evaluating the effectiveness of cyber security training programs
• Investigating the impact of cyber security on the aviation industry
• The role of cyber security in protecting online gaming platforms
• Developing a secure password management system
• Investigating the challenges of securing smart homes
• The impact of cyber security on the automotive industry
• The role of cyber security in protecting social media platforms
• Developing a secure email system
• Evaluating the effectiveness of encryption methods
• Investigating the impact of cyber security on the hospitality industry
• The role of cyber security in protecting online education platforms
• Developing a secure backup and recovery strategy
• Investigating the challenges of securing virtual environments
• The impact of cyber security on the energy sector
• The role of cyber security in protecting online voting systems
• Developing a secure chat platform
• Investigating the impact of cyber security on the entertainment industry
• The role of cyber security in protecting online dating platforms
• Artificial Intelligence and Machine Learning in Cybersecurity
• Quantum Cryptography and Post-Quantum Cryptography
• Internet of Things (IoT) Security
• Developing a framework for cyber resilience in critical infrastructure
• Understanding the fundamentals of encryption algorithms
• Cyber security challenges for small and medium-sized businesses
• Developing secure coding practices for web applications
• Investigating the role of cyber security in protecting online privacy
• Network security protocols and their importance
• Social engineering attacks and how to prevent them
• Investigating the challenges of securing personal devices and home networks
• Developing a basic incident response plan for cyber attacks
• The impact of cyber security on the financial sector
• Understanding the role of cyber security in protecting critical infrastructure
• Mobile device security and common vulnerabilities
• Investigating the challenges of securing cloud-based systems
• Cyber security and the Internet of Things (IoT)
• Biometric authentication and its role in cyber security
• Developing secure communication protocols for online messaging platforms
• The importance of cyber security in e-commerce
• Understanding the threats and vulnerabilities associated with social media platforms
• Investigating the role of cyber security in protecting intellectual property
• The basics of malware analysis and detection
• Developing a basic cyber security awareness training program
• Understanding the threats and vulnerabilities associated with public Wi-Fi networks
• Investigating the challenges of securing online banking systems
• The importance of password management and best practices
• Cyber security and cloud computing
• Understanding the role of cyber security in protecting national security
• Investigating the challenges of securing online gaming platforms
• The basics of cyber threat intelligence
• Developing secure authentication mechanisms for online services
• The impact of cyber security on the healthcare sector
• Understanding the basics of digital forensics
• Investigating the challenges of securing smart home devices
• The role of cyber security in protecting against cyberbullying
• Developing secure file transfer protocols for sensitive information
• Understanding the challenges of securing remote work environments
• Investigating the role of cyber security in protecting against identity theft
• The basics of network intrusion detection and prevention systems
• Developing secure payment processing systems
• Understanding the role of cyber security in protecting against ransomware attacks
• Investigating the challenges of securing public transportation systems
• The basics of network segmentation and its importance in cyber security
• Developing secure user access management systems
• Understanding the challenges of securing supply chain networks
• The role of cyber security in protecting against cyber espionage
• Investigating the challenges of securing online educational platforms
• The importance of data backup and disaster recovery planning
• Developing secure email communication protocols
• Understanding the basics of threat modeling and risk assessment
• Investigating the challenges of securing online voting systems
• The role of cyber security in protecting against cyber terrorism
• Developing secure remote access protocols for corporate networks.
• Investigating the challenges of securing artificial intelligence systems
• The role of machine learning in enhancing cyber threat intelligence
• Evaluating the effectiveness of deception technologies in cyber security
• Investigating the impact of cyber security on the adoption of emerging technologies
• The role of cyber security in protecting smart cities
• Developing a risk-based approach to cyber security governance
• Investigating the impact of cyber security on economic growth and innovation
• The role of cyber security in protecting human rights in the digital age
• Developing a secure digital identity system
• Investigating the impact of cyber security on global political stability
• The role of cyber security in protecting the Internet of Things (IoT)
• Developing a secure supply chain management system
• Investigating the challenges of securing cloud-native applications
• The role of cyber security in protecting against insider threats
• Developing a secure software-defined network (SDN)
• Investigating the impact of cyber security on the adoption of mobile payments
• The role of cyber security in protecting against cyber warfare
• Developing a secure distributed ledger technology (DLT) system
• Investigating the impact of cyber security on the digital divide
• The role of cyber security in protecting against state-sponsored attacks
• Developing a secure Internet infrastructure
• Investigating the challenges of securing industrial control systems (ICS)
• Developing a secure quantum communication system
• Investigating the impact of cyber security on global trade and commerce
• Developing a secure decentralized authentication system
• Investigating the challenges of securing edge computing systems
• Developing a secure hybrid cloud system
• Investigating the impact of cyber security on the adoption of smart cities
• The role of cyber security in protecting against cyber propaganda
• Developing a secure blockchain-based voting system
• Investigating the challenges of securing cyber-physical systems (CPS)
• The role of cyber security in protecting against cyber hate speech
• Developing a secure machine learning system
• Investigating the impact of cyber security on the adoption of autonomous vehicles
• The role of cyber security in protecting against cyber stalking
• Developing a secure data-driven decision-making system
• Investigating the challenges of securing social media platforms
• The role of cyber security in protecting against cyberbullying in schools
• Developing a secure open source software ecosystem
• Investigating the impact of cyber security on the adoption of smart homes
• The role of cyber security in protecting against cyber fraud
• Developing a secure software supply chain
• Investigating the challenges of securing cloud-based healthcare systems
• The role of cyber security in protecting against cyber harassment
• Developing a secure multi-party computation system
• Investigating the impact of cyber security on the adoption of virtual and augmented reality technologies.
• Cybersecurity in Cloud Computing Environments
• Cyber Threat Intelligence and Analysis
• Blockchain Security
• Data Privacy and Protection
• Cybersecurity in Industrial Control Systems
• Mobile Device Security
• The importance of cyber security in the digital age
• The ethics of cyber security and privacy
• The role of government in regulating cyber security
• Cyber security threats and vulnerabilities in the healthcare sector
• Understanding the risks associated with social media and cyber security
• The impact of cyber security on e-commerce
• The effectiveness of cyber security awareness training programs
• The role of biometric authentication in cyber security
• The importance of password management in cyber security
• The basics of network security protocols and their importance
• The challenges of securing online gaming platforms
• The role of cyber security in protecting national security
• The impact of cyber security on the legal sector
• The ethics of cyber warfare
• The challenges of securing the Internet of Things (IoT)
• Understanding the basics of malware analysis and detection
• The challenges of securing public transportation systems
• The impact of cyber security on the insurance industry
• The role of cyber security in protecting against ransomware attacks
• The challenges of securing remote work environments
• Understanding the threats and vulnerabilities associated with social engineering attacks
• The impact of cyber security on the education sector
• Investigating the challenges of securing supply chain networks
• The challenges of securing personal devices and home networks
• The importance of secure coding practices for web applications
• The impact of cyber security on the hospitality industry
• The role of cyber security in protecting against identity theft
• The challenges of securing public Wi-Fi networks
• The importance of cyber security in protecting critical infrastructure
• The challenges of securing cloud-based storage systems
• The effectiveness of antivirus software in cyber security
• Developing secure payment processing systems.
• Cybersecurity in Healthcare
• Social Engineering and Phishing Attacks
• Cybersecurity in Autonomous Vehicles
• Cybersecurity in Smart Cities
• Cybersecurity Risk Assessment and Management
• Malware Analysis and Detection Techniques
• Cybersecurity in the Financial Sector
• Cybersecurity in Government Agencies
• Cybersecurity and Artificial Life
• Cybersecurity for Critical Infrastructure Protection
• Cybersecurity in the Education Sector
• Cybersecurity in Virtual Reality and Augmented Reality
• Cybersecurity in the Retail Industry
• Cryptocurrency Security
• Cybersecurity in Supply Chain Management
• Cybersecurity and Human Factors
• Cybersecurity in the Transportation Industry
• Cybersecurity in Gaming Environments
• Cybersecurity in Social Media Platforms
• Cybersecurity and Biometrics
• Cybersecurity and Quantum Computing
• Cybersecurity in 5G Networks
• Cybersecurity in Aviation and Aerospace Industry
• Cybersecurity in Agriculture Industry
• Cybersecurity in Space Exploration
• Cybersecurity in Military Operations
• Cybersecurity and Cloud Storage
• Cybersecurity in Software-Defined Networks
• Cybersecurity and Artificial Intelligence Ethics
• Cybersecurity and Cyber Insurance
• Cybersecurity in the Legal Industry
• Cybersecurity and Data Science
• Cybersecurity in Energy Systems
• Cybersecurity in E-commerce
• Cybersecurity in Identity Management
• Cybersecurity in Small and Medium Enterprises
• Cybersecurity in the Entertainment Industry
• Cybersecurity and the Internet of Medical Things
• Cybersecurity and the Dark Web
• Cybersecurity and Wearable Technology
• Cybersecurity in Public Safety Systems.
• Threat Intelligence for Industrial Control Systems
• Privacy Preservation in Cloud Computing
• Network Security for Critical Infrastructure
• Cryptographic Techniques for Blockchain Security
• Malware Detection and Analysis
• Cyber Threat Hunting Techniques
• Cybersecurity Risk Assessment
• Machine Learning for Cybersecurity
• Cybersecurity in Financial Institutions
• Cybersecurity for Smart Cities
• Cybersecurity in Aviation
• Cybersecurity in the Automotive Industry
• Cybersecurity in the Energy Sector
• Cybersecurity in Telecommunications
• Cybersecurity for Mobile Devices
• Biometric Authentication for Cybersecurity
• Cybersecurity for Artificial Intelligence
• Cybersecurity for Social Media Platforms
• Cybersecurity in the Gaming Industry
• Cybersecurity in the Defense Industry
• Cybersecurity for Autonomous Systems
• Cybersecurity for Quantum Computing
• Cybersecurity for Augmented Reality and Virtual Reality
• Cybersecurity in Cloud-Native Applications
• Cybersecurity for Smart Grids
• Cybersecurity in Distributed Ledger Technology
• Cybersecurity for Next-Generation Wireless Networks
• Cybersecurity for Digital Identity Management
• Cybersecurity for Open Source Software
• Cybersecurity for Smart Homes
• Cybersecurity for Smart Transportation Systems
• Cybersecurity for Cyber Physical Systems
• Cybersecurity for Critical National Infrastructure
• Cybersecurity for Smart Agriculture
• Cybersecurity for Retail Industry
• Cybersecurity for Digital Twins
• Cybersecurity for Quantum Key Distribution
• Cybersecurity for Digital Healthcare
• Cybersecurity for Smart Logistics
• Cybersecurity for Wearable Devices
• Cybersecurity for Edge Computing
• Cybersecurity for Cognitive Computing
• Cybersecurity for Industrial IoT
• Cybersecurity for Intelligent Transportation Systems
• Cybersecurity for Smart Water Management Systems
• The rise of cyber terrorism and its impact on national security
• The impact of artificial intelligence on cyber security
• Analyzing the effectiveness of biometric authentication for securing data
• The impact of social media on cyber security and privacy
• The future of cyber security in the Internet of Things (IoT) era
• The role of machine learning in detecting and preventing cyber attacks
• The effectiveness of encryption in securing sensitive data
• The impact of quantum computing on cyber security
• The rise of cyber bullying and its effects on mental health
• Investigating cyber espionage and its impact on national security
• The effectiveness of cyber insurance in mitigating cyber risks
• The role of blockchain technology in cyber security
• Investigating the effectiveness of cyber security awareness training programs
• The impact of cyber attacks on critical infrastructure
• Analyzing the effectiveness of firewalls in protecting against cyber attacks
• The impact of cyber crime on the economy
• Investigating the effectiveness of multi-factor authentication in securing data
• The future of cyber security in the age of quantum internet
• The impact of big data on cyber security
• The role of cybersecurity in the education system
• Investigating the use of deception techniques in cyber security
• The impact of cyber attacks on the healthcare industry
• The effectiveness of cyber threat intelligence in mitigating cyber risks
• The role of cyber security in protecting financial institutions
• Investigating the use of machine learning in cyber security risk assessment
• The impact of cyber attacks on the transportation industry
• The effectiveness of network segmentation in protecting against cyber attacks
• Investigating the effectiveness of biometric identification in cyber security
• The impact of cyber attacks on the hospitality industry
• The future of cyber security in the era of autonomous vehicles
• The effectiveness of intrusion detection systems in protecting against cyber attacks
• The role of cyber security in protecting small businesses
• Investigating the effectiveness of virtual private networks (VPNs) in securing data
• The impact of cyber attacks on the energy sector
• The effectiveness of cyber security regulations in mitigating cyber risks
• Investigating the use of deception technology in cyber security
• The impact of cyber attacks on the retail industry
• The effectiveness of cyber security in protecting critical infrastructure
• The role of cyber security in protecting intellectual property in the entertainment industry
• Investigating the effectiveness of intrusion prevention systems in protecting against cyber attacks
• The impact of cyber attacks on the aerospace industry
• The future of cyber security in the era of quantum computing
• The effectiveness of cyber security in protecting against ransomware attacks
• The role of cyber security in protecting personal and sensitive data
• Investigating the effectiveness of cloud security solutions in protecting against cyber attacks
• The impact of cyber attacks on the manufacturing industry
• The effective cyber security and the future of e-votingness of cyber security in protecting against social engineering attacks
• Investigating the effectiveness of end-to-end encryption in securing data
• The impact of cyber attacks on the insurance industry
• The future of cyber security in the era of artificial intelligence
• The effectiveness of cyber security in protecting against distributed denial-of-service (DDoS) attacks
• The role of cyber security in protecting against phishing attacks
• Investigating the effectiveness of user behavior analytics
• The impact of emerging technologies on cyber security
• Developing a framework for cyber threat intelligence
• The effectiveness of current cyber security measures
• Cyber security and data privacy in the age of big data
• Cloud security and virtualization technologies
• Cryptography and its role in cyber security
• Cyber security in critical infrastructure protection
• Cyber security in the Internet of Things (IoT)
• Cyber security in e-commerce and online payment systems
• Cyber security and the future of digital currencies
• The impact of social engineering on cyber security
• Cyber security and ethical hacking
• Cyber security challenges in the healthcare industry
• Cyber security and digital forensics
• Cyber security in the financial sector
• Cyber security in the transportation industry
• The impact of artificial intelligence on cyber security risks
• Cyber security and mobile devices
• Cyber security in the energy sector
• Cyber security and supply chain management
• The role of machine learning in cyber security
• Cyber security in the defense sector
• The impact of the Dark Web on cyber security
• Cyber security in social media and online communities
• Cyber security challenges in the gaming industry
• Cyber security and cloud-based applications
• The role of blockchain in cyber security
• Cyber security and the future of autonomous vehicles
• Cyber security in the education sector
• Cyber security in the aviation industry
• The impact of 5G on cyber security
• Cyber security and insider threats
• Cyber security and the legal system
• The impact of cyber security on business operations
• Cyber security and the role of human behavior
• Cyber security in the hospitality industry
• The impact of cyber security on national security
• Cyber security and the use of biometrics
• Cyber security and the role of social media influencers
• The impact of cyber security on small and medium-sized enterprises
• Cyber security and cyber insurance
• The impact of cyber security on the job market
• Cyber security and international relations
• Cyber security and the role of government policies
• The impact of cyber security on privacy laws
• Cyber security in the media and entertainment industry
• The role of cyber security in digital marketing
• Cyber security and the role of cybersecurity professionals
• Cyber security in the retail industry
• The impact of cyber security on the stock market
• Cyber security and intellectual property protection
• Cyber security and online dating
• The impact of cyber security on healthcare innovation
• Cyber security and the future of e-voting
• Cyber security and the role of open source software
• Cyber security and the use of social engineering in cyber attacks
• The impact of cyber security on the aviation industry
• Cyber security and the role of cyber security awareness training
• Cyber security and the role of cybersecurity standards and best practices
• Cyber security in the legal industry
• The impact of cyber security on human rights
• Cyber security and the role of public-private partnerships
• Cyber security and the future of e-learning
• Cyber security and the role of mobile applications
• The impact of cyber security on environmental sustainability
• Cyber security and the role of threat intelligence sharing
• Cyber security and the future of smart homes
• Cyber security and the role of cybersecurity certifications
• The impact of cyber security on international trade
• Cyber security and the role of cyber security auditing

About the author

Muhammad Hassan

Researcher, Academic Writer, Web developer

You may also like

200+ Funny Research Topics

500+ Sports Research Topics

500+ Environmental Research Topics

500+ Economics Research Topics

500+ Physics Research Topics

500+ Google Scholar Research Topics

Cookie Notice

This website uses cookies. Contact us for questions or requests.

Information for:

• Current Students
• Faculty & Staff
• Degrees & Programs
• Campus Maps
• Jobs & Careers
• Campus Shuttles
• Student Life
•   Giving

• Augusta University

5 Research Topics in Cybersecurity

In 2022, market and consumer data firm Statista reported that cyberattacks would cost individuals and companies $8.4 trillion globally that year. By 2027, it projected, the cost would rise to $23.8 trillion. Cyberattacks occur when individuals gain unauthorized access to digital systems and information for malicious purposes. Their enormous cost to people and organizations makes it critical to protect systems, software and data against those attacks.

The term “cybersecurity” refers to efforts to protect corporate or personal electronic equipment against these costly attacks. Understanding the vulnerabilities that can allow unauthorized and damaging access to digital systems is a key component in cybersecurity research. An advanced degree in information security management can help professionals learn how cybersecurity risks are evolving, what cybersecurity risks to look for in their own organizations and how to address them.

What Is Cybersecurity Research?

Cybersecurity research focuses on reviewing digital tools and processes to reveal potential vulnerabilities. Research on cybersecurity topics ranging from the Internet of Things (IoT) to work-from-home (WFH) information security can help people and companies stave off data breaches in those key areas.

Cybersecurity professionals can rely on computer science research tactics such as testing web browsers and online applications to uncover areas that a hacker could exploit to gain unauthorized data access. They can also turn to empirical research that examines issues related to cybersecurity from various angles, from criminal science to international relations, and that offers approaches to address those concerns.

In fact, conducting research about potential security threats and information technology (IT) trends is a key responsibility of cybersecurity professionals, such as information security analysts.

Why Is Cybersecurity Research Important?

The value of cybersecurity research is growing due to the proliferation of connected devices that allow cybercriminals to access digital information — and as the costs associated with successful cyberattacks increase.

The origin of cyberattacks can be computers and the systems that run them, but it can also be any of hundreds of everyday devices that use technology to collect and share data. From smartphones to medical equipment, the tools that cyberattackers can compromise generate or store a staggering amount of data.

Statista reports that the amount of data created, copied, downloaded and read globally in 2010 was 2 zettabytes. By 2025, Statista predicts, the capacity of the data in use around the world will reach 181 zettabytes.

The growth in the use of data is occurring alongside a host of issues, from COVID-19-related disruptions to geopolitical events, that can make the technology that shares and stores it more vulnerable to attack. Conducting research on cybersecurity topics can assist IT professionals in protecting these large amounts of data during challenging times by helping them:

• Understand the vulnerabilities of digital tools and processes
• Determine the significance of data breach impacts
• Prioritize their efforts to ensure protection of critical information

5 Current Research Topics in Cybersecurity?

Today’s most pressing research topics in cybersecurity go beyond password protection and firewalls. A global pandemic, geopolitical events and technological advances are also behind some key topics that are now driving cybersecurity research. Below are five of those top cybersecurity research topics.

1. Artificial Intelligence

Artificial intelligence (AI), in which machines complete tasks that traditionally had required humans to perform, today is helping computing professionals observe and analyze activity related to large amounts of digital data. The efficiency of using AI for cybersecurity can lead to significant savings as organizations respond to data compromises. The shortened response time led companies to an average of $3 million in savings in those situations, according to a 2022 report from IBM.

One key research topic for cybersecurity professionals is how best to use AI to find potential vulnerabilities and remove them — before cyberattackers use that same technology to find those security risks and exploit them.

However, AI in the wrong hands can also present a cybersecurity risk. AI can also be a tool for misusing data, with cybercriminals relying on this technology to create inauthentic emails and phone messages to trick users into providing personal data. The increasing reliance on AI makes this issue even more important for cybersecurity researchers, with Statista projecting in 2022 that the AI software market would reach $126 billion around the world by 2025.

2. Digital Supply Chains

Digital supply chain systems monitor and evaluate the functions of each party in the chain, to help them produce and distribute products more efficiently. Hackers can exploit the technology used in this process, making cyberattacks an additional threat to supply chains already experiencing disruptions related to the pandemic.

For example, technology research firm Gartner, predicted in 2022 that by 2025, a total of 45 percent of companies would suffer digital attacks on their supply chains. This percentage is three times higher than the percentage from 2021. A 2022 report from cybersecurity company Venafi found that 82 percent of chief information officers feared that their organizations’ supply chains were vulnerable to this type of attack.

Cybersecurity professionals today are investigating potential digital security risks in supply chains, while corporate leaders are seeking out suppliers that focus on researching — and correcting — these vulnerabilities.

3. Internet of Things

The IoT refers to the ability to connect almost any device with the internet and with other connected tools. From kitchen appliances to wearable fitness gadgets, numerous products and tools are part of the IoT. Statista reported in 2022 that more than 11 million devices were digitally connected in 2021. The firm also projected that more than 29 billion devices would be IoT connected by 2030.

The many devices that rely on the IoT measure and process vast amounts of data, and the networks and cloud systems that hold and share that data present a host of security risks. A key area of cybersecurity research has been tracking these vulnerabilities. Manufacturers, consumers and governments have begun using the knowledge gathered by cybersecurity researchers to establish practices and policies that safeguard against the risks these researchers are finding.

4. State-Sponsored Attacks

Cyberattacks from government actors seeking state secrets are nothing new, but a growing trend is for hackers seeking this unauthorized access to target organizations and individuals with no government affiliation. The ultimate goal can be intelligence, technology theft, supply chain disruption or even influencing internal politics through disinformation.

A 2022 Forbes article noted that in 2023, more than 70 nations were set to conduct elections, and the digital activities related to these events, including reports about them, are a frequent target of hostile government actors. Additionally, countries involved in armed conflicts increasingly rely on cyberattacks to gain advantage over enemy governments, even when it involves interfering with the work of private companies and citizens.

These trends have made it critical for cybersecurity researchers to learn more about potential vulnerabilities in government networks, attacks on private companies that can impact critical infrastructure, and the security of elections.

5. Working From Home

Fueled by pandemic restrictions, the number of WFH employees exploded in recent years. The number of remote workers will reach more than 36 million in the U.S. by 2025, according to 2020 projections from freelancing platform Upwork.

The many employees based at off-site locations have made managing data security difficult for companies, whose workers may use unprotected devices to access and transmit business information. That leaves the employees vulnerable to attacks that target sensitive data or threaten malicious activity unless the company meets the hackers’ demands.

Adding to the security risk is the proliferation of work and other activity that requires the use of the internet and internet-based tools like videoconferencing. A 2021 Pew Research Center survey showed that 40 percent of Americans had relied on these types of tools and processes in new ways since the pandemic began in early 2020. Cybersecurity professionals are studying how best to protect employees — and the corporate data they use in their work — from cyberattackers.

Take a Leadership Role in Cybersecurity

Cybersecurity research can shed light on issues with data protection — and the tools and processes that provide it. If you’re ready to help guide your organization’s response to cybersecurity issues, explore Augusta University Online’s Master of Science (MS) in Information Security Management program.

Through online courses focused on Certified Information Systems Security Professional (CISSP) certification elements, students can gain the knowledge to help their employers navigate today’s cybersecurity challenges. Explore how AU Online’s MS in Information Security Management can help you reach your career goals.

Built In, “What Is Artificial Intelligence?” Cybersecurity and Infrastructure Security Agency, Cyber Threats and Advisories Forbes, “The Top Five Cybersecurity Trends in 2023” Gartner, “7 Top Trends in Cybersecurity for 2022” IBM, “Cost of Data Breach 2022: A Million Dollar Race to Detect and Respond” IBM, What Is Cybersecurity? Journal of Cybersecurity, About the Journal Microsoft, What Is a Cyberattack? Network World, “What Is IoT? The Internet of Things Explained” Oracle, “Digital Supply Chain Explained” Pew Research Center, “The Internet and the Pandemic” Statista, Estimated Cost of Cybercrime Worldwide From 2016 to 2027 Statista, Number of Internet of Things (IoT)-Connected Devices Worldwide From 2019 to 2021, With Forecasts From 2022 to 2030 Statista, Revenues From the Artificial Intelligence (AI) Software Market Worldwide From 2018 to 2025 Statista, Volume of Data/Information Created, Captured, Copied, and Consumed Worldwide From 2010 to 2020, With Forecasts From 2021 to 2025 TechRadar Pro, “Why Cybersecurity Research Is Now More Important Than Ever” The Conversation, “5 Ways the COVID-19 Pandemic Has Forever Changed Cybersecurity” Upwork, Upwork Study Finds 22% of American Workforce Will Be Remote by 2025 U.S. Bureau of Labor Statistics, Information Security Analysts Venafi, “Study: 82% of CIOs Say Their Software Supply Chains Are Vulnerable” Vivaldi, “An Insight Into Security Research and Ethical Hacking”

Want to hear more about Augusta University Online’s programs?

Fill out the form below, and an admissions representative will reach out to you via email or phone with more information. After you’ve completed the form, you’ll automatically be redirected to learn more about Augusta University Online and your chosen program.

Top 111+ Stunning Cybersecurity Research Topics For 2023

Are you confused about cybersecurity and its research topics? So here, in this blog, we will discuss cybersecurity research topics. This article is important If you are studying computer science or a cybersecurity course.

If you want good grades in cybersecurity research topics, you should pick the latest cybersecurity research topics for your academic exam or test. Here, you can choose the good and latest cybersecurity research topics.

You know that cybercrime is increasing day by day because millions of people use the internet. Several applications deal with the internet, and people normally use the internet for bank transactions, food delivery, online shopping, social media, gaming, etc. Attackers can steal your information, data, and money with the help of malicious software, So we need cybersecurity services.

What is Cybersecurity?

Table of Contents

Cybersecurity is a process of preventing unauthorized access or protecting networks, devices, and data from digital attacks. Cybersecurity is also known as IT(Information Technology)Security which is designed to prevent threats against network systems, applications, and other platforms. In simple words, It prevents or protects any information, data, and others.

Here Are Some of the Best Writing Tips From Statanalytica’s Expert

As you might already know that a well-planned action and a set of useful tools will also help you write a high-quality research paper. On the other hand, remaining motivated throughout the process.

• By choosing an interesting topic for your research paper.
• Conduct some research to find reputable sources.
• Clearly state your cybersecurity thesis.
• A rough plan should be created.
• Finish your paper by drafting it.
• Make sure your content is properly formatted.
• Make sure you understand the assignment before you begin writing your research paper.

Let’s Discuss the 111+ Stunning Cybersecurity Research Topics

Below we listed 111+ cybersecurity research topics that can be used in 2023:

Top 10 Cyber Security Topics of 2023

Here are the top 10 cyber security topics of 2023:

• Can strong passwords protect information?
• Is security in critical infrastructure important?
• The importance of end-user education
• Cloud security posture management
• How does malware work?
• The principle of zero trust access
• 3 phases of application security
• Should removable media be encrypted?
• The importance of network security
• Do biometrics ensure the security of iPhones?

Latest Cybersecurity Research Topics of 2023

• Is removable media a threat?
• Cybersecurity standards for automotive
• How to prevent social engineering attacks
• Security breaches of remote working
• How to prevent phishing attacks
• Physical security measures in banks
• Privacy settings of social media accounts
• Blockchain security vulnerabilities
• Why should you avoid public Wi-Fi?
• How does two-factor authentication work?
• Cryptography
• Discuss the importance of intranet security
• Rise of Automotive Hacking
• What is ethical hacking? 
• The evolution of phishing and how it is becoming more sophisticated
• Which antivirus software is the best in the world?
• The most up-to-date and trending cybersecurity technology
• How can organizations prevent network attacks?
• What is Digital Piracy?
•  Application of biometrics in cyber security?
• Identity theft on the Internet
• Risk management in computing
•  Rise of computer forensics
• Threats are analyzed using digital forensic techniques
• What is a Remote Access VPN?
•  Digital security and Social Networks
• The risks of using public Wi-Fi networks
• Popular online scams in 2022
• Artificial intelligence security systems

Network Security Research Topics 

• Data storage centralization
• Identify Malicious activity on a computer system.
• Importance of keeping updated Software 
• wireless sensor network
• What are the effects of ad-hoc networks 
• How can a company network be safe?
• What are Network segmentation and its applications?
• Discuss Data Loss Prevention systems 
• Discuss various methods for establishing secure algorithms in a network.
• Talk about two-factor authentication

Topics for Application Security Research

• Discuss SQL injection attacks.
• Inadequately configured security protocols.
• Talk about data leaks in mobile apps.
• Backend access control is critical.
• Logging has many advantages for applications.
• Malicious apps are available on Google Play.
• AI applications: ethical constraints and opportunities.
• What is the effect of insecure deserialization?
• The most effective application security testing practices.
• Apps are vulnerable to XSS attacks.

 Information Technology Security Research Topics

• Why should people avoid sharing their details on Facebook?
• What is the importance of unified user profiles?
•  Discuss Cookies and Privacy 
• White hat and black hat hackers
• What are the most secure methods for ensuring data integrity?
• Talk about the implications of Wi-Fi hacking apps on mobile phones
• Analyze the data breaches in 2022
• Discuss digital piracy in 2022
• critical cyber-attack concepts
• Social engineering and its importance

Operational Security Research Topics In 2023

• Securing containerized applications in cloud environments.
• Implementing secure remote access policies for remote workers.
• Evaluating the effectiveness of endpoint protection solutions.
• Protecting against DNS tunneling attacks.
• Securing cloud-based storage solutions.
• Developing secure mobile device management policies.
• Analyzing the effectiveness of honeypots in detecting attacks.
• Securing software supply chains against attacks.
• Investigating the effectiveness of deception technologies in cybersecurity.
• Developing secure network segmentation strategies.
• Evaluating the effectiveness of network traffic analysis solutions.
• Analyzing the effectiveness of two-factor authentication in securing systems.
• Securing critical infrastructure against cyber threats.
• Developing secure email policies to prevent phishing attacks.
• Investigating the use of artificial intelligence in cybersecurity.
• Developing secure DevOps practices.
• Analyzing the effectiveness of security information and event management (SIEM) solutions.
• Securing the Internet of Things (IoT) devices.
• Evaluating the effectiveness of password management solutions.
• Developing secure incident response strategies.

Topics for a Research Paper on CyberCrime Prevention

• Criminal Specialization. 
• Drug Courts. 
• Capital Punishment. 
• Criminal Courts. 
• Crime Prevention. 
• Community Corrections. 
• Criminal Law. 
• Criminal Justice Ethics. 

Computer and Software Security Research Topics

• Learn algorithms for data encryption.
• Concept of risk management security.
• How to develop the best internet security software.
•  What are Encrypting viruses- How does it work?
• How does a Ransomware attack work?
• Scanning of malware on your PC.
• Infiltrating a Mac OS X operating system.
• What are the effects of RSA on network security?
• How do encrypting viruses work?
• DDoS attacks on IoT devices.

Computer and Software Cyber Security Topics

• The importance of updating computer software.
• How to safeguard your computer against malware and other threats.
• The best security practices for your computer and software.
• The various types of cyber security threats and how to avoid them.
• The significance of cyber security education and awareness.
• The importance of cyber security in protecting critical infrastructure.

Data Security Research Topics

• Importance of backup and recovery.
• Benefits of logging for applications.
• Understand physical data security.
• Importance of Cloud Security.
• In computing, the relationship between privacy and data security.
• Discuss the effects of a black hole on a network system.

Application Security Topics

• Detect Malicious Activity on Google Play Apps.
• Dangers of XSS attacks on apps.
• Insecure Deserialization Effect.
• Check Security protocols.

CyberSecurity Law Research Paper Topics

• Strict cybersecurity laws in China.
• Importance of the Cybersecurity Information Sharing Act.
• USA, UK, and other countries cybersecurity laws.
• Discuss The Pipeline Security Act in the United States.

If you are interested in criminal research topics, then here are the best criminal justice research topics for you.

How to Choose The Best Cybersecurity Research Topics in 2023

There are a few factors to consider when selecting cybersecurity research topics. The first and main thing to consider is to ensure that the topic is current and relevant. Because cyber security is a changing field. As a result, it is very crucial to select a topic that will be relevant for a few months.

On the other hand, the second thing to consider is to select an interesting and engaging topic. Because cyber security can be a dry subject, it is critical to select a topic that will keep readers interested.

Finally, it is very important to select a researchable topic. There are several cybersecurity topics available, but not all of them are simple to research. Choose a topic about which there is a lot of information.

• Determine your target audience
• Define your research objectives
• Choose a topic that your audience will find both interesting and relevant
• Conduct preliminary research to ensure that there is sufficient information available on your chosen topic
• Make sure your topic is focused enough to fit into a single research paper

Research Area in Cyber Security

Cybersecurity is extensive, and constantly evolving field. On the other hand, its research takes place in many areas:

• Quantum & Space 
• Data Privacy 
• Criminology & Law
• AI & IoT Security

Get More Cybersecurity Research Topics

In this blog, we have covered the 111+ best cybersecurity research topics. These cybersecurity topics help in your exam or test. If you have any difficulty with cybersecurity research topics, you can take cybersecurity research paper help or research paper assignment help at a very affordable price.

Here are some of the benefits of taking cybersecurity research topics help from us.

• 24 Hours Availability
• On-time Delivery
• Free Corrections
• Money-Back Guarantee
• Affordable Deals
• Professional Experts

You can contact us any time and impress your teacher by choosing a good cybersecurity research topic.

This is the end of the post, which is about cybersecurity research topics. On the other hand, we mentioned 111+ stunning cybersecurity research topics for 2023 offer an excellent opportunity for researchers to explore and address critical cybersecurity challenges. However, the ever-evolving technological landscape presents new security challenges every day, and it is essential to keep up with the latest trends to stay ahead of cyber threats. 

On the other hand, these research topics provide many areas to explore, from network security, the internet of things, and software security to network security, cryptography, and data security. I hope you like this post.

Q1. What are the types of cyber security threats?

There are several different types of cyber security threats. More popular are Trojan horses, worms, ransomware, and phishing scams. These types of threats can be very dangerous for the cyber system.

Q2. What are the most controversial topics in criminal justice?

1. Prisoners being granted the right to work 2. Carrying a concealed weapon 3. Prison rape and violence 4. Plea agreement/bargain 5. Rehab vs. reform. 6. Is an eyewitness testimony effective? 7. Enforcement and effectiveness of stalking laws. 8. Rape culture and the victim’s rights

Q3. What are the main cyber threats of 2023?

There are multiple cyber security threats, but the main social threats of 2023 are email impersonation and phishing.  On the other hand, email impersonation is a phishing technique in which a fake email address that appears to be legitimate is used. 

Related Posts

Step by Step Guide on The Best Way to Finance Car

The Best Way on How to Get Fund For Business to Grow it Efficiently

75 Cyber Security Research Topics in 2024

Introduction to Cybersecurity Research

Cybersecurity research aims to protect computer systems, networks, and data from unauthorised access, theft, or damage. It involves studying and developing methods and techniques to identify, understand, and mitigate cyber threats and vulnerabilities. 

The field can be divided into theoretical and applied research and faces challenges such as

• Increasing complexity 
• New forms of malware 
• The growing sophistication of cyber attacks

On a daily basis, approximately 2,200 cyber attacks occur, with an average of one cyber attack happening every 39 seconds. This is the reason why researchers must stay up-to-date and collaborate with others in the field. 

In this article, let’s discuss the different cybersecurity research topics and how they will help you become an expert in the field.

Check out our  free technology courses  to get an edge over the competition.

Here are some of the latest research topics in cyber security – 

Emerging Cyber Threats and Vulnerabilities in 2024

Continual technological advancements lead to changes in cybersecurity trends, with data breaches, ransomware, and hacks becoming more prevalent. 

• Cyber Attacks and Their Countermeasures – Discuss – This research paper will discuss various cyber attacks and their corresponding countermeasures. It aims to provide insights on how organisations can better protect themselves from cyber threats.
• Is Cryptography Necessary for Cybersecurity Applications? – Explore the role of cryptography in ensuring the confidentiality, integrity, and availability of data and information in cybersecurity. It would examine the various cryptographic techniques used in cybersecurity and their effectiveness in protecting against cyber threats.

Here are some other cyber security topics that you may consider – 

• Discuss the Application of Cyber Security for Cloud-based Applications 
• Data Analytics Tools in Cybersecurity
• Malware Analysis
• What Are the Behavioural Aspects of Cyber Security? 
• Role of Cyber Security on Intelligent Transporation Systems
• How to Stop and Spot Different Types of Malware?

Check Out upGrad’s  Software Development Courses  to upskill yourself.

Machine Learning and AI in Cybersecurity Research

Machine learning and AI are research topics in cybersecurity, aiming to develop algorithms for threat detection, enhance intelligence and automate risk mitigation. However, security risks like adversarial attacks require attention.

• Using AI/ML to Analyse Cyber Threats – This cyber security research paper analyses cyber threats and could include an overview of the current state of cyber threats and how AI/ML can help with threat detection and response. The paper could also discuss the challenges and limitations of using AI/ML in cybersecurity and potential areas for further research.

Here are some other topics to consider – 

• Developing Cognitive Systems for Cyber Threat Detection and Response
• Developing Distributed Ai Systems to Enhance Cybersecurity
• Developing Deep Learning Architectures for Cyber Defence
• Exploring the Use of Computational Intelligence and Neuroscience in Enhancing Security and Privacy
• How is Cyber Security Relevant for Everyone? Discuss
• Discuss the Importance of Network Traffic Analysis
• How to Build an App to Break Ceasar Cipher

You can check out the Advanced Certificate Programme in Cyber Security course by upGrad, which will help students become experts in cyber security. 

IoT Security and Privacy

IoT security and privacy research aim to develop secure and privacy-preserving architectures, protocols, and algorithms for IoT devices, including encryption, access control, and secure communication. The challenge is to balance security with usability while addressing the risk of cyber-attacks and compromised privacy.

• Service Orchestration and Routing for IoT – It may focus on developing efficient and secure methods for managing and routing traffic between IoT devices and services. The paper may explore different approaches for optimising service orchestration. 
• Efficient Resource Management, Energy Harvesting, and Power Consumption in IoT – This paper may focus on developing strategies to improve energy use efficiency in IoT devices. This may involve investigating the use of energy harvesting technologies, optimising resource allocation and management, and exploring methods to reduce power consumption.

Here are some other cyber security project topics to consider – 

• Computation and Communication Gateways for IoT
• The Miniaturisation of Sensors, Cpus, and Networks in IoT
• Big Data Analytics in IoT
• Semantic Technologies in IoT
• Virtualisation in IoT
• Privacy, Security, Trust, Identity, and Anonymity in IoT
• Heterogeneity, Dynamics, and Scale in IoT
• Consequences of Leaving Unlocked Devices Unattended

Explore our Popular Software Engineering Courses

Blockchain security: research challenges and opportunities.

Blockchain security research aims to develop secure and decentralised architectures, consensus algorithms, and privacy-preserving techniques while addressing challenges such as smart contract security and consensus manipulation. Opportunities include transparent supply chain management and decentralised identity management.

• Advanced Cryptographic Technologies in the Blockchain – Explore the latest advancements and emerging trends in cryptographic techniques used in blockchain-based systems. It could also analyse the security and privacy implications of these technologies and discuss their potential impact. 
• Applications of Smart Contracts in Blockchain – Explore the various use cases and potential benefits of using smart contracts to automate and secure business processes. It could also examine the challenges and limitations of smart contracts and propose potential solutions for these issues.

Here are some other topics – 

• Ensuring Data Consistency, Transparency, and Privacy in the Blockchain
• Emerging Blockchain Models for Digital Currencies
• Blockchain for Advanced Information Governance Models
• The Role of Blockchain in Future Wireless Mobile Networks
• Law and Regulation Issues in the Blockchain
• Transaction Processing and Modification in the Blockchain
• Collaboration of Big Data With Blockchain Networks

Cloud Security: Trends and Innovations in Research

Cloud security research aims to develop innovative techniques and technologies for securing cloud computing environments, including threat detection with AI, SECaaS, encryption and access control, secure backup and disaster recovery, container security, and blockchain-based solutions. The goal is to ensure the security, privacy, and integrity of cloud-based data and applications for organisations.

• Posture Management in Cloud Security – Discuss the importance of identifying and addressing vulnerabilities in cloud-based systems and strategies for maintaining a secure posture over time. This could include topics such as threat modelling, risk assessment, access control, and continuous monitoring.
• Are Cloud Services 100% Secure?
• What is the Importance of Cloud Security?
• Cloud Security Service to Identify Unauthorised User Behaviour
• Preventing Theft-of-service Attacks and Ensuring Cloud Security on Virtual Machines
• Security Requirements for Cloud Computing
• Privacy and Security of Cloud Computing

Explore Our Software Development Free Courses

Cybercrime investigations and forensics.

Cybercrime investigations and forensics involve analysing digital evidence to identify and prosecute cybercriminals, including developing new data recovery, analysis, and preservation techniques. Research also focuses on identifying cybercriminals and improving legal and regulatory frameworks for prosecuting cybercrime.

• Black Hat and White Hat Hacking: Comparison and Contrast – Explore the similarities and differences between these two approaches to hacking. It would examine the motivations and methods of both types of hackers and their impact on cybersecurity.
• Legal Requirements for Computer Forensics Laboratories
• Wireless Hacking Techniques: Emerging Technologies and Mitigation Strategies
• Cyber Crime: Current Issues and Threats
• Computer Forensics in Law Enforcement: Importance and Challenges
• Basic Procedures for Computer Forensics and Investigations
• Digital Forensic Examination of Counterfeit Documents: Techniques and Tools
• Cybersecurity and Cybercrime: Understanding the Nature and Scope

An integral part of cybercrime investigation is to learn software development. Become experts in this field with the help of upGrad’s Executive Post Graduate Programme in Software Development – Specialisation in Full Stack Development . 

Cybersecurity Policy and Regulations

Cybersecurity policy and regulations research aims to develop laws, regulations, and guidelines to ensure the security and privacy of digital systems and data, including addressing gaps in existing policies, promoting international cooperation, and developing standards and best practices for cybersecurity. The goal is to protect digital systems and data while promoting innovation and growth in the digital economy.

• The Ethicality of Government Access to Citizens’ Data – Explore the ethical considerations surrounding government access to citizens’ data for surveillance and security purposes, analysing the potential risks and benefits and the legal and social implications of such access. 
• The Moral Permissibility of Using Music Streaming Services – Explore the ethical implications of using music streaming services, examining issues such as intellectual property rights, artist compensation, and the environmental impact of streaming. 
• Real Name Requirements on Internet Forums
• Restrictions to Prevent Domain Speculation
• Regulating Adult Content Visibility on the Internet
• Justification for Illegal Downloading
• Adapting Law Enforcement to Online Technologies
• Balancing Data Privacy With Convenience and Centralisation
• Understanding the Nature and Dangers of Cyber Terrorism

Human Factors in Cybersecurity

Human factors in cybersecurity research study how human behaviour impacts cybersecurity, including designing interfaces, developing security training, addressing user error and negligence, and examining cybersecurity’s social and cultural aspects. The goal is to improve security by mitigating human-related security risks.

• Review the Human Factors in Cybersecurity –  It explores various human factors such as awareness, behaviour, training, and culture and their influence on cybersecurity, offering insights and recommendations for improving cybersecurity outcomes.
• Integrating Human Factors in Cybersecurity for Better Risk Management
• Address the Human Factors in Cybersecurity Leadership
• Human Factors in IoT Security
• Internal Vulnerabilities: the Human Factor in It Security
• Cyber Security Human Factors – the Ultimate List of Statistics and Data

In-Demand Software Development Skills

Cybersecurity education and awareness.

Cybersecurity education and awareness aims to educate individuals and organisations about potential cybersecurity threats and best practices to prevent cyber attacks. It involves promoting safe online behaviour, training on cybersecurity protocols, and raising awareness about emerging cyber threats.

• Identifying Phishing Attacks – This research paper explores various techniques and tools to identify and prevent phishing attacks, which are common types of cyber attacks that rely on social engineering tactics to trick victims into divulging sensitive information or installing malware on their devices.
• Risks of Password Reuse for Personal and Professional Accounts – Investigate the risks associated with reusing the same password across different personal and professional accounts, such as the possibility of credential stuffing attacks and the impact of compromised accounts on organisational security. 
• Effective Defence Against Ransomware
• Information Access Management: Privilege and Need-to-know Access
• Protecting Sensitive Data on Removable Media
• Recognising Social Engineering Attacks
• Preventing Unauthorised Access to Secure Areas: Detecting Piggybacking and Tailgating
• E-mail Attack and Its Characteristics
• Safe Wifi Practice: Understanding VPN

With the increasing use of digital systems and networks, avoiding potential cyber-attacks is more important than ever. The 75 research topics outlined in this list offer a glimpse into the different dimensions of this important field. By focusing on these areas, researchers can make significant contributions to enhancing the security and safety of individuals, organisations, and society as a whole.

upGrad’s Master of Science in Computer Science program is one of the top courses students can complete to become experts in the field of tech and cyber security. The program covers topics such as Java Programming and other forms of software engineering which will help students understand the latest technologies and techniques used in cyber security. 

The program also includes hands-on projects and case studies to ensure students have practical experience in applying these concepts. Graduates will be well-equipped to take on challenging roles in the rapidly growing field of cyber security.

Pavan Vadapalli

Something went wrong

Our Popular Software Engineering Courses

Our Trending Software Engineering Courses

• Master of Science in Computer Science from LJMU
• Executive PG Program in Software Development Specialisation in Full Stack Development from IIIT-B
• Advanced Certificate Programme in Cyber Security from IIITB
• Full Stack Software Development Bootcamp
• Software Engineering Bootcamp from upGrad

Popular Software Development Skills

• React Courses
• Javascript Courses
• Core Java Courses
• Data Structures Courses
• ReactJS Courses
• NodeJS Courses
• Blockchain Courses
• SQL Courses
• Full Stack Development Courses
• Big Data Courses
• Devops Courses
• NFT Courses
• Cyber Security Courses
• Cloud Computing Courses
• Database Design Courses
• Crypto Courses
• Python Courses

Frequently Asked Questions (FAQs)

Artificial intelligence (AI) has proved to be an effective tool in cyber defence. AI is anticipated to gain even more prominence in 2024, mainly in monitoring, resource and threat analysis, and quick response capabilities.

One area of focus is the development of secure quantum and space communications to address the increasing use of quantum technologies and space travel. Another area of research is improving data privacy.

The approach to cybersecurity is expected to change from defending against attacks to acknowledging and managing ongoing cyber risks. The focus will be on improving resilience and recovering from potential cyber incidents.

Related Programs View All

15 Hrs Instructor-led Training

10 Hrs On-Demand Learning

Career Support

View Program

Executive PG Program

IIIT-B Alumni Status

Master's Degree

40000+ Enrolled Learners

Job Assistance

Certification

Top-Notch AWS Trainers

Mix of classroom and practicals

159+ Hours of Live Sessions

126+ Hours of Live Sessions

Fully Online

Practice Assignments & MCQs

2 Unique Specialisations

300+ Hiring Partners

Mock Tests, Assessments and More

24 Hours Live Online Training

32 Hands-On Exercises

Real-World Simulations, Cloud Labs

Microsoft-Approved Curriculum

3 Live Projects to Fortify Learning

40 Hours Instructor-Led Sessions

Exam Support

DevOps Certified

Executive PG Certification

GenAI integrated curriculum

Job Prep Support

Instructor-Led Sessions

Hands-on UI/UX

Explore Free Courses

Learn more about the education system, top universities, entrance tests, course information, and employment opportunities in Canada through this course.

Advance your career in the field of marketing with Industry relevant free courses

Build your foundation in one of the hottest industry of the 21st century

Master industry-relevant skills that are required to become a leader and drive organizational success

Build essential technical skills to move forward in your career in these evolving times

Get insights from industry leaders and career counselors and learn how to stay ahead in your career

Kickstart your career in law by building a solid foundation with these relevant free courses.

Stay ahead of the curve and upskill yourself on Generative AI and ChatGPT

Build your confidence by learning essential soft skills to help you become an Industry ready professional.

Learn more about the education system, top universities, entrance tests, course information, and employment opportunities in USA through this course.

Suggested Blogs

by venkatesh Rajanala

29 Feb 2024

by Harish K

by Geetika Mathur

by spandita hati

28 Feb 2024

by Arjun Mathur

19 Feb 2024

by Rohan Vats

An official website of the United States government

Here’s how you know

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

https://www.nist.gov/cybersecurity

Cybersecurity

NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.

Some NIST cybersecurity assignments are defined by federal statutes, executive orders and policies. For example, the Office of Management and Budget (OMB) mandates that all federal agencies implement NIST’s cybersecurity standards and guidance for non-national security systems. Our cybersecurity activities also are driven by the needs of U.S. industry and the broader public. We engage vigorously with stakeholders to set priorities and ensure that our resources address the key issues that they face. 

NIST also advances understanding and improves the management of privacy risks, some of which relate directly to cybersecurity.

Priority areas to which NIST contributes – and plans to focus more on – include cryptography, education and workforce, emerging technologies, risk management , identity and access management, measurements, privacy, trustworthy networks and trustworthy platforms.

Additional details can be found in these brief and more detailed fact sheets.

Featured Content

Cybersecurity topics.

• Cryptography
• Cybersecurity education and workforce development
• Cybersecurity measurement
• Identity & access management
• Privacy engineering
• Risk Management
• Securing emerging technologies
• Trustworthy networks
• Trustworthy platforms

The Research

Projects & programs.

Exposure Notification – protecting workplaces and vulnerable communities during a pandemic

Trustworthy Networks of Things

Cryptographic module validation program (cmvp).

Cyber-Physical Systems/Internet of Things for Smart Cities

Additional resources links.

NIST Drafts Major Update to Its Widely Used Cybersecurity Framework

NIST Releases Version 2.0 of Landmark Cybersecurity Framework

NIST Offers Guidance on Measuring and Improving Your Company’s Cybersecurity Program

NIST Launches Exploratory Digital Twins Study

Cybersecurity Insights Blog

Protecting model updates in privacy-preserving federated learning, updates on nist’s interagency international cybersecurity standardization working group, data distribution in privacy-preserving federated learning, travel update the nist csf 2.0 is here…along with many helpful resources….

The 35th Quest for Excellence® Conference

Applicant’s webinar: 2024 nice ramps funding opportunity, nice webinar: reintegrating justice-involved individuals into cybersecurity careers, nist workshop on the requirements for an accordion cipher mode 2024, stay in touch.

Sign up for our newsletter to stay up to date with the latest research, trends, and news for Cybersecurity.

Table of Contents

The evolving landscape of digital threats, top 20 cybersecurity trends, next up with cyber security trends, 20 emerging cybersecurity trends to watch out in 2024.

Businesses of all sizes, corporate entities, organizations, and even governments have embraced computerized systems to streamline daily operations. Consequently, ensuring cybersecurity has emerged as a paramount objective to protect data from many online threats and unauthorized intrusions. As technology evolves, so do cybersecurity trends, with data breaches, ransomware attacks , and hacks becoming increasingly commonplace. Elevate your expertise by enrolling in security courses led by industry experts, empowering you with the knowledge and skills needed for comprehensive data protection.

The landscape of digital threats has undergone a profound transformation over the past few decades, driven by technological advancements and the digital interconnectedness of our world. As our society increasingly relies on digital technology for communication , commerce, and critical infrastructure, the threat landscape has evolved in complexity and sophistication. This detailed exploration will delve into the various facets of the evolving digital threat landscape, examining its key characteristics, emerging trends , and challenges to individuals, organizations, and governments.

1. Increasing Sophistication

One of the most notable trends in the digital threat landscape is the increasing sophistication of cyberattacks. Attackers constantly develop new techniques and strategies to breach security systems, steal sensitive data , or disrupt critical services. Various factors, including the availability of powerful hacking tools, the proliferation of cybercrime forums, and the rise of nation-state-sponsored hacking groups, have driven this evolution.

Become a Cyber Security Professional

• 3.5 Million Unfilled Cybersecurity Roles Globally
• 700 K Available Job Roles

Cyber Security Expert

• Get Lifetime access to self-paced videos & class recordings
• Access to the CEH kit, including labs and exam vouchers

CEH (v12)- Certified Ethical Hacker

• 24x7 learner assistance and support

Here's what learners are saying regarding our programs:

Martin Beard

Lpl financial advisor , hfcu financial services.

My learning experience with Simplilearn was enriching and valuable. It will undoubtedly help me to transition into my new chosen field of Cybersecurity. I liked the live virtual classes as well as the recorded sessions.

Myles Howard II

The instructor chains together the learning topics very well. One subject leads to the next, and they are woven together comprehensively.

2. Diverse Attack Vectors

Digital threats now encompass many attack vectors, including malware, ransomware, and DDoS attacks . These attack vectors have become more versatile, with attackers combining multiple methods to achieve their goals. For example, a ransomware attack may begin with a phishing email and escalate to the deployment of malware that encrypts data.

3. Target Variety

Digital threats are no longer limited to traditional targets like large corporations and government agencies. Smaller businesses, healthcare organizations, educational institutions, and even individuals are now prime targets. This diversification of targets is driven by the desire to create disruption or steal valuable personal information.

4. Nation-State Actors

The involvement of nation-state actors in cyber warfare and espionage has added a new dimension to the digital threat landscape. Countries invest heavily in developing cyber capabilities, and state-sponsored hacking groups have been responsible for some of the most high-profile attacks in recent years. These attacks can have geopolitical implications and blur the line between traditional and cyber warfare .

5. Supply Chain Attacks

Another emerging trend is the rise of supply chain attacks, where attackers target supply chains to compromise the integrity of products and services. Recent incidents, such as the SolarWinds hack, have demonstrated the devastating impact of supply chain attacks, as they can affect organizations and their customers.

6. IoT Vulnerabilities

The expansion of IoT gadgets has ushered in fresh susceptibilities within the digital threat environment. Numerous IoT devices exhibit insufficient security capabilities, rendering them susceptible to exploitation by malicious actors. These IoT devices can be harnessed when compromised to initiate extensive Distributed Denial of Service (DDoS) assaults or breach home networks.

7. AI and Machine Learning in Attacks

Attackers increasingly leverage artificial intelligence (AI) and machine learning (ML) to enhance their capabilities. These technologies automate attacks, create more convincing phishing emails, and even identify vulnerabilities in target systems. As AI and ML continue to advance, their role in digital threats is likely to grow.

8. Regulatory and Compliance Challenges

The evolving digital threat landscape has prompted governments and regulatory bodies to introduce new cybersecurity regulations and standards . Organizations now face greater pressure to comply with these requirements, but achieving and maintaining compliance can be challenging, given the dynamic nature of digital threats.

9. Response and Resilience

Building effective incident response and resilience strategies has become paramount. Organizations must focus on preventing attacks and detecting, mitigating, and recovering from breaches. This includes regular security assessments, employee training, and robust incident response plans.

10. Global Collaboration

Given the transnational nature of digital threats, international collaboration has become crucial. Governments, law enforcement agencies, and cybersecurity organizations worldwide are working together to share threat intelligence, track down cybercriminals , and mitigate threats on a global scale.

1. The Emergence of Automotive Cybersecurity Threats

Today's modern vehicles are equipped with sophisticated software, offering seamless connectivity and advanced features such as cruise control, engine timing, and driver assistance systems. However, this reliance on automation and connectivity also exposes vehicles to potential hacking risks. Utilizing technologies like Bluetooth and WiFi for communication, hackers can exploit vulnerabilities to gain control of the vehicle or even eavesdrop on conversations through built-in microphones. With the increasing adoption of automated vehicles, these threats are expected to escalate, necessitating stringent cybersecurity measures, particularly for self-driving or autonomous vehicles.

2. Harnessing the Power of Artificial Intelligence in Cybersecurity

AI has become a cornerstone in enhancing cybersecurity across various sectors. Through machine learning algorithms, AI has enabled the development of automated security systems capable of tasks like natural language processing, face detection, and threat detection. However, this same technology is also leveraged by malicious actors to devise sophisticated attacks aimed at circumventing security protocols. Despite these challenges, AI-driven threat detection systems offer the ability to respond to emerging threats promptly, providing vital support for cybersecurity professionals.

3. Mobile Devices: A Growing Target for Cyber Attacks

The proliferation of mobile devices has made them lucrative targets for cybercriminals, with a notable increase in malware and attacks targeting mobile banking and personal data. The extensive use of smartphones for various activities, including financial transactions and communication, amplifies the risks associated with potential breaches. Mobile security becomes a focal point as cybersecurity threats evolve, with anticipated trends indicating a rise in smartphone-specific viruses and malware.

4. Cloud Security Challenges and Solutions

As organizations rely on cloud services, ensuring robust security measures becomes paramount for data storage and operations. While cloud providers implement robust security protocols, vulnerabilities may still arise due to user-end errors, malicious software, or phishing attacks. Continuous monitoring and updates are essential to mitigate risks and safeguard confidential data stored in the cloud.

5. Data Breaches: A Persistent Concern

Data breaches remain a significant concern for individuals and organizations worldwide, with even minor software flaws posing potential vulnerabilities. Regulatory frameworks like the GDPR and CCPA aim to enhance data protection and privacy rights, underscoring the importance of stringent security measures. Ensuring compliance with these regulations and implementing proactive security measures are essential to mitigating the risks associated with data breaches.

6. IoT Security in the Era of 5G

The proliferation of 5G networks ushers in a new era of interconnectedness, particularly with the Internet of Things (IoT). While offering unprecedented connectivity, this also exposes IoT devices to vulnerabilities from external threats and software bugs. The nascent nature of 5G architecture necessitates extensive research to identify and address potential security loopholes. Manufacturers must prioritize the development of robust hardware and software solutions to reduce the risk of data breaches and network attacks.

7. Embracing Automation for Enhanced Cybersecurity

Automation plays a pivotal role in managing the ever-expanding volume of data and streamlining security processes. In the face of demanding workloads, automation offers valuable support to security professionals, enabling swift and efficient responses to emerging threats. Integrating security measures into agile development processes ensures the creation of more secure software solutions, particularly for large and complex applications.

8. Targeted Ransomware Attacks

Targeted ransomware attacks pose a significant threat to industries reliant on specific software systems, with potentially devastating consequences. Recent incidents, such as the WannaCry attack on healthcare institutions, underscore the importance of robust cybersecurity measures. Organizations must remain vigilant against ransomware threats and implement proactive strategies to mitigate risks effectively.

9. Escalating State-Sponsored Cyber Warfare

The escalating tensions between global powers fuel state-sponsored cyber warfare, with cyberattacks increasingly targeting critical infrastructure and sensitive data. High-profile events, including elections, are vulnerable to cyber threats, necessitating heightened security measures. Expectations for 2024 include a surge in data breaches and state-sponsored actors' exploitation of political and industrial secrets.

10. Mitigating Insider Threats Through Awareness

Mistakes made by individuals continue to play a significant role in data breaches, especially regarding insider threats within organizations. To address this risk, it's vital to enhance awareness and provide thorough training programs for employees. By empowering staff to recognize and address potential vulnerabilities, companies can foster a strong culture of cybersecurity awareness. This approach is essential to safeguard sensitive data and effectively minimize the impact of insider threats.

11. Addressing Cybersecurity Challenges in Remote Work Environments

The transition to remote work during the pandemic presents fresh cybersecurity hurdles as employees navigate less secure network setups. It's crucial for organizations to emphasize the implementation of strong security protocols, such as multi-factor authentication and secure VPNs , to shield remote workers from cyber threats effectively.

12. Combating Social Engineering Attacks

Social engineering attacks like phishing and identity theft remain a considerable menace for organizations, leveraging human vulnerabilities to access sensitive information unlawfully. Mitigating the risks linked with social engineering attacks requires a combination of employee training and proactive security measures.

13. Enhancing Security with Multi-Factor Authentication

MFA provides additional security layers by mandating users to provide diverse authentication forms before accessing accounts or systems. This proactive approach reduces the likelihood of unauthorized access and fortifies the overall cybersecurity posture. It is imperative for organizations to make the adoption of MFA a priority in order to shield against cyber threats effectively.

14. Defending Against International State-Sponsored Attacks

Sophisticated state-sponsored attackers significantly threaten organizations, targeting critical infrastructure and sensitive data. Proactive security measures, including real-time monitoring and multi-factor authentication, are essential in defending against these advanced threats.

15. Strengthening Identity and Access Management

Effective identity and access management (IAM) policies help organizations control and monitor access to sensitive data and networks. Implementing robust authentication, authorization, and access control measures is essential in safeguarding against unauthorized access and data breaches.

16. Real-Time Data Monitoring for Early Threat Detection

Real-time data monitoring enables organizations to detect and respond promptly to suspicious activity, reducing the risk of data breaches and cyber-attacks. Automated alerts and log monitoring are crucial in identifying potential threats and minimizing their impact.

17. Securing Connected Vehicles Against Cyber Threats

The increasing connectivity of vehicles exposes them to cyber threats, necessitating robust security measures to protect against potential attacks. Encryption , authentication, and real-time monitoring are essential to safeguarding connected vehicles against automotive hacking.

18. Leveraging AI for Enhanced Security

Artificial intelligence (AI) offers significant potential to revolutionize cybersecurity, enabling real-time threat detection and response. Organizations should leverage AI-driven solutions to strengthen their security posture and mitigate emerging cyber threats effectively.

19. Ensuring Security for IoT Devices

As the number of Internet of Things (IoT) devices continues to grow, ensuring robust security measures becomes increasingly important. Organizations must prioritize the security of their IoT devices, implementing regular updates and safeguards to protect against potential vulnerabilities.

20. Strengthening Cloud Security Measures

Cloud computing introduces new security challenges, requiring organizations to implement robust security measures to protect against data breaches and cyber threats. Encryption, authentication, and regular patching are essential components of effective cloud security strategies, ensuring the integrity and confidentiality of cloud-based data and applications.

1. AI and ML in Cybersecurity

Integrating artificial intelligence (AI) and machine learning (ML) will play a pivotal role in cybersecurity. AI-powered threat detection, anomaly detection, and automated response systems will become more sophisticated in identifying and mitigating cyber threats. Adversarial AI and ML attacks will also challenge cybersecurity professionals to develop robust defenses.

2. Zero Trust Security Models

Adopting Zero Trust Architecture (ZTA) will expand further as organizations recognize the limitations of traditional perimeter-based security models. ZTA's principles of continuous verification and the principle of "never trust, always verify" will become more widespread to secure sensitive data and resources.

3. Quantum Computing Resistant Cryptography

The development of quantum computing -resistant cryptography will be essential as quantum computing technology advances. Organizations will need to transition to cryptographic algorithms that can withstand quantum attacks, ensuring the continued security of data and communications.

4. Cloud Security Evolution

Cloud security is always a priority, with organizations focusing on securing their cloud-native environments and addressing the challenges of misconfigurations and data exposure. Technologies like CASBs and CSPM will gain prominence.

5. 5G Network Security

With the rollout of 5G networks, there will be an increased emphasis on 5G network security. Faster speeds and lower latency will introduce new security challenges, including protecting IoT devices connected to 5G networks and ensuring the integrity of critical infrastructure.

6. IoT Security

As the IoT ecosystem expands, securing IoT devices will be critical. Enhanced security standards, regulations, and improved IoT device management will be essential to mitigate risks associated with insecure IoT devices.

7. Supply Chain Security

Organizations will strongly emphasize supply chain security to prevent and detect attacks targeting the software and hardware supply chain. Enhanced visibility into the supply chain and stringent security measures will be implemented to reduce the risk of compromise.

8. Biometric and Behavioral Authentication

Secure authentication methods, such as facial recognition and fingerprint scanning, will evolve to offer more robust security, with liveness detection and behavioral analytics to prevent spoofing. Multi-modal biometric authentication will become more prevalent.

9. Privacy Regulations and Data Protection

Privacy regulations will continue evolving, and organizations must adapt to stricter data protection requirements. Consumer data privacy and consent management will become more significant, and businesses must ensure compliance with global data privacy laws.

10. Cybersecurity Workforce Development

Efforts to address the cybersecurity skills shortage will intensify. More comprehensive training programs, certifications, and partnerships between academic institutions and the private sector will be established to nurture a skilled cybersecurity workforce.

11. Human-Centric Security

User-centric security awareness and training programs will be expanded to reduce the risk of social engineering attacks. Behavioral analytics and user-focused security tools will help identify unusual user behavior and potential insider threats.

12. Automated Threat Hunting

Automated threat hunting and threat intelligence platforms will gain prominence in proactively identifying and mitigating emerging threats. These solutions will help organizations stay ahead of threat actors by continuously monitoring for signs of compromise.

13. International Cybersecurity Collaboration

Collaboration between governments, international organizations, and cybersecurity experts will intensify to address global cyber threats effectively. Cybersecurity information sharing and coordinated responses to cyber incidents will become more common.

14. Regulatory and Legal Challenges

With new cybersecurity laws, standards, and compliance requirements being introduced, the legal and regulatory landscape will continue to evolve. Organizations must navigate these complex regulations to avoid legal consequences and reputational damage.

15. Cyber Insurance

The cyber insurance market will grow as organizations recognize the need for financial protection against cyber incidents. Cyber insurance policies will become more tailored to specific industry risks and compliance requirements.

16. AI-Driven Security Testing

AI-powered penetration testing and vulnerability assessment tools will become more sophisticated in identifying weaknesses in systems and applications, allowing organizations to address security flaws proactively.

17. Incident Response and Recovery Planning

The development and testing of incident response and recovery plans will be a focus for organizations. The capacity to detect and respond to cyber incidents and recover from them will be critical to minimizing the impact of breaches.

18. Smart Cities and Critical Infrastructure Security

As smart city initiatives and the digitization of critical infrastructure expand, security measures for these interconnected systems will be paramount. Protecting essential services like power grids and transportation systems will be a top priority.

19. AI-Powered Cybercriminals

Cybercriminals will increasingly employ AI and ML in their attacks, making them more challenging to detect and mitigate. Adversarial AI will be used to evade security measures and enhance attack strategies.

20. Ethical Hacking and Bug Bounty Programs

Organizations will continue to embrace ethical hacking and bug bounty programs to detect system vulnerabilities. Crowdsourced security testing will become more common, allowing organizations to proactively fix security issues.

Grab the opportunity to be a part of the MIT CSAIL Professional Programs community and interact with your peers. Attend masterclasses from MIT faculty in our PGP in Cyber Security and expedite your cybersecurity career in no time!

Elevating your security measures is paramount in today's landscape, and we're here to support you. Our Cyber Security Expert Masters Program is designed to furnish you with the essential skills to excel in this swiftly evolving field. Through our comprehensive curriculum, you'll gain proficiency in safeguarding your infrastructure, encompassing data protection, risk assessment, cloud-based security architecture, compliance adherence, and beyond.

1. What are the most common types of cybersecurity threats today?

The prevalent cybersecurity threats of today encompass phishing attacks, ransomware, various forms of malware such as Trojans and viruses, insider threats, and Distributed Denial of Service (DDoS) attacks.

2. How can individuals and businesses better protect themselves?

People and organizations can boost their cybersecurity by consistently updating their software, employing robust and distinctive passwords, integrating multi-factor authentication, educating staff or themselves on cybersecurity protocols, and investing in dependable antivirus and anti-malware software.

3. What are the implications of emerging technologies on future cybersecurity?

The advent of emerging technologies like AI and IoT presents both promising prospects and formidable challenges for the future of cybersecurity. While AI holds the potential to bolster threat detection and response capabilities, it also opens avenues for exploitation by cybercriminals. Similarly, IoT devices bring forth novel vulnerabilities that can be targeted by malicious actors. To effectively safeguard against evolving threats, future cybersecurity efforts must evolve to embrace and integrate these technologies within comprehensive defense strategies.

Our Cyber Security Certifications Duration And Fees

Cyber Security Certifications typically range from a few weeks to several months, with fees varying based on program and institution.

Recommended Reads

Cybersecurity Trends: Where the Industry Is Heading in an Uncertain 2024

Webinar Wrap-Up: Cyber Security Trends and Careers in 2024

Cyber Security for Beginners

An Introduction to Cyber Security: A Beginner's Guide

Information Security Trends to Watch Out for in 2016

Cyber Security: Career Path | Skills | Salary | Certifications

Get Affiliated Certifications with Live Class programs

Professional certificate program in cybersecurity- red team.

• Live sessions on the latest AI trends, such as generative AI, prompt engineering, explainable AI, and more
• Program completion certificate from IIT Kanpur and Simplilearn
• PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Security Management Research Paper Topics

Security management research paper topics are a critical area of study for management students looking to explore the complex world of safeguarding organizational assets. Security management covers various facets, including information security, physical security, risk management, compliance, and more. The study of security management is increasingly relevant in our technology-driven world. Research within this field equips students with the knowledge to protect an organization’s information and physical resources, and the skills to respond to rapidly evolving security threats. This page provides a comprehensive list of research topics to assist students in selecting a subject that aligns with their interests and the current industry demands. The following sections will provide an in-depth look into various security management research topics, organized into ten categories with ten subjects each. Additionally, this page will offer insights into how to choose and write about these topics, along with an overview of iResearchNet’s customized writing services for those who seek professional assistance.

100 Security Management Research Paper Topics

The field of security management is as vast as it is vital in today’s global landscape. From protecting information systems to ensuring the physical safety of assets, security management plays a central role in the smooth operation of organizations across various sectors. As we dive into this comprehensive list of security management research paper topics, students will find a plethora of subjects that are both challenging and relevant. The topics are divided into ten distinct categories, each focusing on a different aspect of security management.

Academic Writing, Editing, Proofreading, And Problem Solving Services

Get 10% off with 24start discount code.

• Role of Encryption in Data Protection
• Security Protocols in Wireless Networks
• Cloud Security Management Strategies
• Biometric Security Measures
• Ethical Hacking and Defense Strategies
• Security Risks in Internet of Things (IoT)
• Mobile Application Security
• Compliance with GDPR and Other Regulations
• Social Engineering Attacks and Prevention
• Virtual Private Networks (VPNs) and Security
• Designing Secure Buildings and Facilities
• Access Control Systems and Technologies
• Surveillance and Monitoring Techniques
• Security Personnel Training and Management
• Risk Assessment for Physical Threats
• Vehicle Security and Fleet Management
• Maritime Security Protocols
• Security Measures for Public Events
• Emergency Response and Evacuation Planning
• Integration of Technology in Physical Security
• Enterprise Risk Management Strategies
• Security Policies and Compliance Auditing
• Regulatory Compliance in Different Industries
• Risk Mitigation and Disaster Recovery Planning
• Cyber Insurance and Risk Transfer
• Security Awareness and Training Programs
• Third-party Vendor Risk Management
• Financial Risk Management in Security Operations
• Implementing ISO Security Standards
• Privacy Policies and Consumer Protection
• Cyber Threat Intelligence and Analysis
• Intrusion Detection Systems and Firewalls
• Secure Software Development Lifecycle
• Incident Response and Crisis Management
• Security Considerations in E-commerce
• Protecting Against Ransomware and Malware
• Security in Social Networking Sites
• Cybersecurity in Critical Infrastructure
• Mobile Device Security in the Workplace
• Privacy vs. Security in Cyber Law
• Role of CISO (Chief Information Security Officer)
• Security Leadership and Governance
• Insider Threat Management and Mitigation
• Security Culture and Employee Behavior
• Contractual and Legal Aspects of Security
• Intellectual Property Protection
• Security Metrics and Performance Indicators
• Outsourcing Security Services
• Security Budgeting and Financial Management
• Integrating Security with Business Strategy
• Terrorism and Counterterrorism Strategies
• Security Intelligence and Law Enforcement
• Border Control and Immigration Security
• Cyber Warfare and State-sponsored Attacks
• Protection of Critical National Infrastructure
• Emergency Preparedness and Response
• Security Considerations in International Relations
• Humanitarian Security and Crisis Management
• Nuclear Security and Non-proliferation
• Global Maritime Security Issues
• Security in Hospitals and Healthcare Facilities
• Patient Data Privacy and HIPAA Compliance
• Medical Device and IoT Security
• Emergency Medical Services and Security
• Security Measures for Mental Health Facilities
• Pharmaceutical Supply Chain Security
• Bioterrorism and Public Health Security
• Security Education for Healthcare Professionals
• Medical Records Security and Management
• Telemedicine and Remote Healthcare Security
• Security Considerations in Online Retail
• Fraud Detection and Prevention Strategies
• Payment Security and PCI Compliance
• Inventory Security and Loss Prevention
• Consumer Trust and Brand Protection
• E-commerce Regulations and Compliance
• Security in Omnichannel Retailing
• Secure Customer Experience Design
• Mobile Commerce Security
• Retail Surveillance and Anti-shoplifting Techniques
• Campus Safety and Security Measures
• Cybersecurity Education and Curriculum
• Student Data Privacy and Protection
• Security in Online Learning Platforms
• Intellectual Property Rights in Academia
• Emergency Response Plans for Educational Institutions
• School Transportation Security
• Security Measures for Laboratories and Research Facilities
• Ethical Guidelines in Academic Research
• Security Considerations in International Student Exchange
• Artificial Intelligence in Security
• Quantum Computing and Cryptography
• Security Implications of 5G Technology
• Sustainable and Green Security Practices
• Human Factors in Security Design
• Blockchain for Security Applications
• Virtual and Augmented Reality Security
• Security in Autonomous Vehicles
• Integration of Smart Technologies in Security
• Ethical Considerations in Emerging Security Technologies

Security management is an ever-evolving field, reacting to both technological advancements and global socio-political changes. The above categories and topics encompass a broad spectrum of the security management domain. This comprehensive list is designed to inspire students and guide them towards a research paper that not only interests them but also contributes to the growing body of knowledge in security management. By exploring these topics, students will have the opportunity to deepen their understanding of current issues and become part of the ongoing conversation in this vital area of study.

Security Management and the Range of Research Paper Topics

Introduction to security management.

Security management has increasingly become a central concern for organizations, governments, and individuals in our interconnected and technologically driven world. Its primary focus is on safeguarding assets, information, and people by assessing risks and implementing strategies to mitigate potential threats. From the micro-level of individual privacy protection to the macro-level of national security, the concepts and practices within this field permeate almost every aspect of our daily lives. This article delves into the fundamental aspects of security management and explores the extensive range of research paper topics it offers.

Key Principles and Concepts in Security Management

• Risk Assessment and Mitigation: At the core of security management lies the process of identifying, evaluating, and minimizing risks. It involves recognizing potential vulnerabilities, assessing the likelihood of threats, and implementing measures to reduce the potential impact.
• Compliance and Regulation: Security management is also heavily influenced by various laws, regulations, and industry standards. Whether it’s GDPR for data protection or HIPAA for healthcare, compliance with these regulations is essential to avoid legal consequences.
• Physical and Cyber Security: Security management encompasses both the physical and digital realms. Physical security focuses on protecting tangible assets, such as buildings and equipment, while cyber security emphasizes safeguarding digital information.
• Human Factors: People are often considered the weakest link in security. Training, awareness, and a robust security culture are crucial in ensuring that employees and stakeholders understand and adhere to security protocols.
• Technology and Innovation: With the advent of new technologies like AI, blockchain, and IoT, security management must continuously evolve to address the unique challenges and opportunities they present.
• Global Perspectives: In a globally connected world, security management must consider international laws, cross-border data flows, and the unique risks associated with different geographical regions.
• Ethics and Social Responsibility: Ethical considerations in security management include respecting individual privacy, transparency in surveillance, and social responsibility in using technology for security purposes.

Range and Depth of Research Paper Topics

Given the complexity and multidimensionality of security management, the range of research paper topics in this field is vast. The following sections provide an insight into the various dimensions that can be explored:

• Information Security Management: Research can focus on encryption, authentication, intrusion detection, or explore the psychological aspects of social engineering attacks.
• Physical Security Management: Topics may include architectural design for security, biometrics, or the balance between security and convenience in access controls.
• Organizational Security Management: This includes leadership and governance in security, insider threats, and the alignment of security strategies with business goals.
• Global and National Security Management: Areas to explore here include counterterrorism strategies, cybersecurity policies among nations, or human rights considerations in security protocols.
• Retail and E-commerce Security Management: From payment security to fraud detection, this area explores the unique challenges in the retail and online shopping environment.
• Emerging Trends in Security Management: This invites research into the future of security management, considering technological advancements, emerging threats, and the ethical implications of new tools and techniques.

Security management is an intricate field that intertwines technological, human, organizational, and societal aspects. It continues to evolve in response to the rapidly changing global landscape marked by technological innovation, geopolitical shifts, and emerging threats. The range of research paper topics in security management reflects this diversity and offers a wealth of opportunities for students to engage with cutting-edge issues.

The ongoing development of this field requires fresh insights, innovative thinking, and a commitment to understanding the underlying principles that govern security management. By delving into any of the areas outlined above, students can contribute to this exciting and ever-changing field. Whether exploring traditional aspects like risk management or venturing into the realms of AI and blockchain, the possibilities for research are as broad and varied as the field itself.

This article provides a foundational understanding of security management and serves as a springboard for further exploration. It’s a gateway to a myriad of research avenues, each offering a unique perspective and challenge, all united by the common goal of enhancing the security and safety of our interconnected world.

How to Choose Security Management Research Paper Topics

Selecting a topic for a research paper in the field of security management is a crucial step that sets the tone for the entire research process. The breadth and depth of this field offer a wide array of possibilities, making the choice both exciting and somewhat daunting. The topic must be relevant, engaging, unique, and, most importantly, aligned with the researcher’s interests and the academic requirements. This section provides a comprehensive guide on how to choose the perfect security management research paper topic, with 10 actionable tips to simplify the process.

• Identify Your Interests: Begin by exploring areas within security management that truly intrigue you. Whether it’s cyber threats, risk management, or physical security measures, your passion for the subject will drive a more engaging research process.
• Understand the Scope: Security management spans across various sectors such as IT, healthcare, retail, and more. Assess the scope of your paper to determine which sector aligns best with your academic needs and professional goals.
• Consider the Relevance: Choose a topic that is pertinent to current trends and challenges in security management. Researching emerging threats or innovative technologies can lead to more compelling findings.
• Assess Available Resources: Ensure that there is enough accessible information and research material on the chosen topic. A topic too obscure might lead to difficulties in finding supporting evidence and data.
• Consult with Your Advisor or Mentor: An experienced academic advisor or mentor can provide valuable insights into the feasibility and potential of various topics, helping you make an informed decision.
• Balance Complexity and Manageability: Selecting a topic that is too broad can be overwhelming, while a narrow topic might lack depth. Striking the right balance ensures that you can comprehensively cover the subject within the stipulated word count and time frame.
• Consider Ethical Implications: Especially in a field like security management, ethical considerations must be at the forefront. Any topic involving human subjects, privacy concerns, or potentially sensitive information should be approached with caution and integrity.
• Align with Learning Objectives: Reflect on the specific learning outcomes of your course or program, and choose a topic that aligns with these objectives. It ensures that your research contributes to your overall academic development.
• Evaluate Potential Contributions: Think about what new insights or perspectives your research could offer to the field of security management. Choosing a topic that allows you to make a meaningful contribution can be more satisfying and impactful.
• Experiment with Preliminary Research: Before finalizing a topic, conduct some preliminary research to gauge the existing literature and potential research gaps. It can help refine your focus and provide a clearer direction.

Choosing a research paper topic in security management is a multifaceted process that requires thoughtful consideration of various factors. By following the tips outlined above, you can navigate through the complexities of this task and select a topic that resonates with your interests, aligns with academic goals, and contributes to the broader field of security management. Remember, a well-chosen topic is the foundation upon which a successful research paper is built. It’s the starting point that leads to a journey filled with discovery, analysis, and intellectual growth. Make this choice wisely, and let it be a gateway to an engaging and rewarding research experience.

How to Write a Security Management Research Paper

A. introductory paragraph.

Writing a research paper on security management requires more than just a keen interest in the subject; it demands a systematic approach, adherence to academic standards, and the ability to synthesize complex information. Security management, with its multifaceted nature encompassing physical security, cybersecurity, risk assessment, and more, offers an exciting but challenging landscape for research. In this section, we will delve into a step-by-step guide comprising 10 vital tips on how to write an effective security management research paper. These tips aim to guide you through the research, planning, writing, and revision stages, ensuring a coherent and impactful paper.

• Choose the Right Topic: Guidance: Reflect on your interests, the current trends in the field, and the available resources. Consult with mentors and refer to the previous section for more insights into selecting the perfect topic.
• Conduct Thorough Research: Guidance: Use reliable sources like academic journals, books, and reputable online resources. Gather diverse viewpoints on the topic and keep track of the sources for citation.
• Develop a Strong Thesis Statement: Guidance: The thesis should encapsulate the main argument or focus of your paper. It should be clear, concise, and specific, providing a roadmap for the reader.
• Create an Outline: Guidance: Outline the main sections, including introduction, literature review, methodology, findings, discussion, conclusion, and references. An organized structure helps maintain coherence and logical flow.
• Write a Compelling Introduction: Guidance: Begin with a hook that grabs the reader’s attention, provide background information, and conclude with the thesis statement. The introduction sets the stage for the entire paper.
• Employ the Appropriate Methodology: Guidance: Choose the research methods that align with your research question and objectives. Explain the rationale behind your choices, ensuring that they adhere to ethical standards.
• Analyze Findings and Discuss Implications: Guidance: Present your research findings in a clear and unbiased manner. Discuss the implications of the results in the context of the existing literature and real-world applications.
• Conclude with Insight: Guidance: Summarize the main findings, restate the thesis in the context of the research, and discuss the potential limitations and future research directions. The conclusion should leave the reader with something to ponder.
• Adhere to Academic Formatting: Guidance: Follow the specific formatting guidelines required by your institution or the style guide (APA, MLA, etc.). Pay attention to citations, references, headings, and overall presentation.
• Revise and Proofread: Guidance: Allocate ample time for revising content, structure, and language. Use tools or seek help from peers or professionals for proofreading to ensure grammatical accuracy and clarity.

Writing a security management research paper is a rigorous and intellectually stimulating endeavor that requires meticulous planning, research, and execution. The tips provided in this guide are meant to facilitate a well-structured and insightful paper that adheres to academic excellence. By following these guidelines, you not only develop a comprehensive understanding of security management but also contribute valuable insights to this evolving field. Remember, writing is a process of exploration, articulation, and refinement. Embrace the challenge, learn from the journey, and take pride in the scholarly contribution you make through your research paper on security management.

iResearchNet’s Custom Research Paper Services

In the complex world of security management, crafting a top-notch research paper can be a daunting task. The landscape of security management is multifaceted, encompassing areas such as cybersecurity, risk analysis, policy development, physical security, and much more. For students juggling multiple responsibilities, producing a quality research paper on these intricate subjects may seem nearly impossible. That’s where iResearchNet comes into play. Offering tailor-made solutions to your academic needs, iResearchNet is your go-to service for custom security management research papers. Below are the features that make iResearchNet the ideal choice for your academic success.

• Expert Degree-Holding Writers: At iResearchNet, we employ writers who not only hold advanced degrees but also have extensive experience in security management. Their expertise ensures that your paper is insightful, well-researched, and academically sound.
• Custom Written Works: Every research paper is crafted from scratch, tailored to your specific needs, guidelines, and preferences. Our writers work closely with you to understand your vision, making the paper uniquely yours.
• In-Depth Research: Our team engages in thorough research, using reputable sources and cutting-edge methodologies. This diligent approach guarantees a comprehensive understanding of the subject and a well-rounded paper.
• Custom Formatting: Adhering to academic standards is crucial, and our writers are skilled in various formatting styles. Whether APA, MLA, Chicago/Turabian, or Harvard, your paper will be formatted to perfection.
• Top Quality: Quality is at the core of our services. From the initial draft to the final submission, we maintain the highest standards of excellence, ensuring that your paper stands out.
• Customized Solutions: We recognize that each student’s needs are unique. Hence, our solutions are not one-size-fits-all but are customized to meet your specific requirements, timelines, and academic level.
• Flexible Pricing: Quality doesn’t have to break the bank. Our pricing structure is designed to be affordable and flexible, providing various options to fit different budgets.
• Short Deadlines: Whether you’re facing a last-minute crunch or planning ahead, our writers can accommodate tight deadlines. Even within as short as 3 hours, we deliver without compromising on quality.
• Timely Delivery: Your time is valuable, and we respect that. Our commitment to timely delivery ensures that you receive your paper well before the deadline, giving you ample time for review.
• 24/7 Support:  Questions or concerns? Our support team is available around the clock. With 24/7 assistance, you can rest assured that help is always just a click away.
• Absolute Privacy: Your privacy is our priority. We employ stringent security measures to protect your personal information. With iResearchNet, your details are safe, secure, and confidential.
• Easy Order Tracking:  With our user-friendly tracking system, you can easily monitor the progress of your order. Stay updated, provide feedback, and enjoy a smooth and transparent process.
• Money Back Guarantee:  Your satisfaction is our goal. If, for any reason, our services do not meet your expectations, our money-back guarantee ensures that you are not at a loss.

iResearchNet’s custom security management research paper services are more than just a promise; they are a commitment to excellence, convenience, and integrity. Our blend of expert writers, personalized solutions, quality assurance, and robust support makes us the preferred choice for students across the globe. Dive into the world of security management without the stress of paper writing, knowing that iResearchNet has got your back. Embark on your academic journey with confidence and trust in a partner who understands your needs and shares your pursuit of excellence. With iResearchNet, you’re not just ordering a paper; you’re investing in your future.

Secure Your Academic Success Today

Are you feeling overwhelmed with the prospect of writing your security management research paper? Perhaps you’re struggling to find the right topic, or the research is becoming a tedious task? You don’t have to go through this alone. With iResearchNet’s specialized writing services, all your academic challenges can be turned into opportunities for success.

What sets iResearchNet apart from other writing services is not just our expertise and quality but our understanding of students’ needs. We know that every research paper is not just a task but a step towards your future career in security management. That’s why we invest our best resources to make sure your paper is nothing short of perfect. Our expert writers, meticulous research, and dedication to your satisfaction are all geared towards one goal – helping you excel.

We don’t just write papers; we create opportunities for learning and growth. When you choose iResearchNet, you’re not only receiving a top-notch research paper but also gaining access to a treasure trove of knowledge in security management. With our 24/7 support, flexible pricing, and customizable solutions, your success is no longer a distant dream but a tangible reality.

Take the step towards a brighter academic future. Don’t let the burden of research and writing hold you back from achieving your best. Click the button below to place your order and begin a collaborative journey with iResearchNet. With our secure and user-friendly platform, ordering your custom security management research paper is just a few clicks away. Empower yourself with the right partner, and let iResearchNet pave the way to your academic success.

ORDER HIGH QUALITY CUSTOM PAPER

This is a potential security issue, you are being redirected to https://csrc.nist.gov .

You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.

An official website of the United States government

Here’s how you know

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock Locked padlock icon ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

• Drafts for Public Comment
• All Public Drafts
• NIST Special Publications (SPs)
• NIST interagency/internal reports (NISTIRs)
• ITL Bulletins
• White Papers
• Journal Articles
• Conference Papers
• Security & Privacy

Applications

Technologies.

• Laws & Regulations
• Activities & Products
• News & Updates
• Cryptographic Technology
• Secure Systems and Applications
• Security Components and Mechanisms
• Security Engineering and Risk Management
• Security Testing, Validation, and Measurement
• Cybersecurity and Privacy Applications
• National Cybersecurity Center of Excellence (NCCoE)
• National Initiative for Cybersecurity Education (NICE)

Security and Privacy

• digital signatures
• key management
• lightweight cryptography
• message authentication
• post-quantum cryptography
• random number generation
• secure hashing
• cybersecurity supply chain risk management
• general security & privacy
• access authorization
• access control
• Personal Identity Verification
• public key infrastructure
• personally identifiable information
• privacy engineering
• categorization
• continuous monitoring
• controls assessment
• privacy controls
• security controls
• risk assessment
• roots of trust
• system authorization
• advanced persistent threats
• information sharing
• intrusion detection & prevention
• vulnerability management
• accessibility
• testing & validation
• acquisition
• asset management
• audit & accountability
• awareness training & education
• configuration management
• contingency planning
• incident response
• maintenance
• media protection
• patch management
• personnel security
• physical & environmental protection
• program management
• security automation
• reliability
• artificial intelligence
• cloud & virtualization
• combinatorial testing
• personal computers
• quantum information science
• smart cards
• operating systems
• communications & wireless
• cyber-physical systems
• cybersecurity education
• cybersecurity framework
• cybersecurity workforce
• industrial control systems
• Internet of Things
• mathematics
• positioning navigation & timing
• small & medium business

Laws and Regulations

• Comprehensive National Cybersecurity Initiative
• Cybersecurity Strategy and Implementation Plan
• Cyberspace Policy Review
• Executive Order 13636
• Executive Order 13702
• Executive Order 13718
• Executive Order 13800
• Executive Order 13905
• Executive Order 14028
• Executive Order 14110
• Federal Cybersecurity Research and Development Strategic Plan
• Homeland Security Presidential Directive 7
• Homeland Security Presidential Directive 12
• OMB Circular A-11
• OMB Circular A-130
• Cyber Security R&D Act
• Cybersecurity Enhancement Act
• E-Government Act
• Energy Independence and Security Act
• Federal Information Security Modernization Act
• First Responder Network Authority
• Health Insurance Portability and Accountability Act
• Help America Vote Act
• Internet of Things Cybersecurity Improvement Act
• Federal Acquisition Regulation

Activities and Products

• annual reports
• conferences & workshops
• quick start guides
• reference materials
• standards development
• financial services
• hospitality
• manufacturing
• public safety
• telecommunications
• transportation