Situational awareness about data breaches and ransomware attacks: A multi-dimensional cyber threat impact framework and content analyses of practitioner-public discourses

IF 20.1 1区 管理学 Q1 INFORMATION SCIENCE & LIBRARY SCIENCE
Paras Bhatt , Rohit Valecha , H. Raghav Rao
{"title":"Situational awareness about data breaches and ransomware attacks: A multi-dimensional cyber threat impact framework and content analyses of practitioner-public discourses","authors":"Paras Bhatt ,&nbsp;Rohit Valecha ,&nbsp;H. Raghav Rao","doi":"10.1016/j.ijinfomgt.2025.102902","DOIUrl":null,"url":null,"abstract":"<div><div>Cyber threat incidents are increasingly on the rise resulting in concern among the public. Recently, data breaches and ransomware attacks have emerged as two types of critical cyber threats in terms of impact to both organizations and individuals. As such, organizations and the public have started to discuss these threats in various forms. While the former discusses the threats in practitioner reports that are available for public consumption, social media platforms are the preferred avenue for the public. Though literature has started to examine the issues regarding such cyber threat incidents, research on cyber threats, its resultant discourse on social media and its potential for situational awareness and for extracting meaningful or actionable cyber intelligence is scarce. This paper makes a twofold contribution: first, it extracts multiple dimensions of cyber threats from an examination of theoretical, regulatory and domain specific literature. We term these dimensions, leak, laws, cause, and cost and use them for creating a cyber-threat impact framework. Second, by undertaking text mining for content analysis of large datasets from Verizon’s Data Breach Investigation Reports (DBIR) as well as social media discourses from Twitter, this paper investigates the practitioner-public discourses about the two types of cyber threat incidents to uncover relative significance of different dimensions for situational awareness. The paper finds that topical similarities and differences exist between data breach and ransomware attack incidents on different dimensions in the cyber-threat impact framework. The dual analysis of practitioner and public discourses allows situational awareness that policy makers can use for developing appropriate cyber intelligence and cyber threat defense policies.</div></div>","PeriodicalId":48422,"journal":{"name":"International Journal of Information Management","volume":"83 ","pages":"Article 102902"},"PeriodicalIF":20.1000,"publicationDate":"2025-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Management","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0268401225000349","RegionNum":1,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 0

Abstract

Cyber threat incidents are increasingly on the rise resulting in concern among the public. Recently, data breaches and ransomware attacks have emerged as two types of critical cyber threats in terms of impact to both organizations and individuals. As such, organizations and the public have started to discuss these threats in various forms. While the former discusses the threats in practitioner reports that are available for public consumption, social media platforms are the preferred avenue for the public. Though literature has started to examine the issues regarding such cyber threat incidents, research on cyber threats, its resultant discourse on social media and its potential for situational awareness and for extracting meaningful or actionable cyber intelligence is scarce. This paper makes a twofold contribution: first, it extracts multiple dimensions of cyber threats from an examination of theoretical, regulatory and domain specific literature. We term these dimensions, leak, laws, cause, and cost and use them for creating a cyber-threat impact framework. Second, by undertaking text mining for content analysis of large datasets from Verizon’s Data Breach Investigation Reports (DBIR) as well as social media discourses from Twitter, this paper investigates the practitioner-public discourses about the two types of cyber threat incidents to uncover relative significance of different dimensions for situational awareness. The paper finds that topical similarities and differences exist between data breach and ransomware attack incidents on different dimensions in the cyber-threat impact framework. The dual analysis of practitioner and public discourses allows situational awareness that policy makers can use for developing appropriate cyber intelligence and cyber threat defense policies.
网络威胁事件日益增多,引起了公众的关注。最近,数据泄露和勒索软件攻击已成为对组织和个人影响重大的两类网络威胁。因此,组织和公众开始以各种形式讨论这些威胁。前者在供公众阅读的从业者报告中讨论这些威胁,而社交媒体平台则是公众的首选渠道。虽然已有文献开始研究此类网络威胁事件的相关问题,但有关网络威胁、由此引发的社交媒体讨论及其对态势感知和提取有意义或可操作网络情报的潜力的研究却很少。本文做出了两方面的贡献:首先,本文从理论、法规和特定领域文献的研究中提取了网络威胁的多个维度。我们将这些维度称为 "泄露"、"法律"、"原因 "和 "成本",并利用它们创建了一个网络威胁影响框架。其次,通过对 Verizon 数据泄露调查报告(DBIR)中的大型数据集以及 Twitter 上的社交媒体言论进行文本挖掘内容分析,本文调查了从业人员和公众对这两类网络威胁事件的言论,以揭示不同维度对态势感知的相对重要性。本文发现,数据泄露和勒索软件攻击事件在网络威胁影响框架的不同维度上存在相似之处和不同之处。通过对从业人员和公众论述的双重分析,决策者可以了解态势感知,从而制定适当的网络情报和网络威胁防御政策。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
International Journal of Information Management
International Journal of Information Management INFORMATION SCIENCE & LIBRARY SCIENCE-
CiteScore
53.10
自引率
6.20%
发文量
111
审稿时长
24 days
期刊介绍: The International Journal of Information Management (IJIM) is a distinguished, international, and peer-reviewed journal dedicated to providing its readers with top-notch analysis and discussions within the evolving field of information management. Key features of the journal include: Comprehensive Coverage: IJIM keeps readers informed with major papers, reports, and reviews. Topical Relevance: The journal remains current and relevant through Viewpoint articles and regular features like Research Notes, Case Studies, and a Reviews section, ensuring readers are updated on contemporary issues. Focus on Quality: IJIM prioritizes high-quality papers that address contemporary issues in information management.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信