Authors: Prajwal Chinchmalatpure, Suyash Chinchmalatpure, Sudeep Konde
Abstract: Cyber incidents vary significantly in their mechanisms, targets, and economic impacts, so it is important to identify the factors associated with an incident's severity and economic effects. This paper presents a data-driven analysis of global cybersecurity incidents from 2015 to 2024 (N=3000), focusing on contextual factors (country, type of attack, industry, source of attack, type of vulnerability, and defensive mechanism) and operational outcomes (time to resolve the incident, number of victims, and financial loss in million USD). To surface patterns of incident occurrence and severity-linked outcomes, we describe the threat landscape first through exploratory distributional analysis and then through relational analysis. We then build a predictive pipeline for financial loss, using common preprocessing for mixed data (categorical encoding and train/test analysis) and an interpretable baseline regression model. Together, the empirical and benchmark results provide a clear starting point for quantitative cyber risk profiling: they show which incident characteristics are correlated with severity and define a repeatable baseline on which future studies can build with more detailed features and non-linear modelling methods.