CPPJ

Abstract: Organizations of all types are prone to cybersecurity and information security attacks. Non-Profit Organizations (NPOs) and Non-Governmental Organizations (NGOs) are not exempt from using information technology solutions and, thus, have been the recipient victims of cyber attackers. There exist many areas and venues where data are collected to report back annually on the status and numbers of cybersecurity attacks against many sectors of our society. The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) catalogs sixteen critical sectors that are considered vital to the United States. However, it is not easy to find where the NPO and NGO community should reside with regard to a categorized sector. The cybersecurity incident data collected by many agencies does place a focus on the sixteen sectors. This effort and write-up will focus on the NPO and NGO community and provide the process followed to research and create the data repository, create categorization of attacks or taxonomy, fields captured, outlets, and areas where data that is relevant to historical cybersecurity incidents in these types of agencies is available. In addition, the beginning of a running log and dataset for the NPO and NGO community will emerge to determine if this activity is feasible and can continue. A desired outcome for this effort is to make available a dataset that can be referenced by researchers, students, and leaders investigating cybersecurity risk management and analysis of the NPO and NGO sectors.

Download this article: CPPJ - V3 N2 Page 48.pdf

Recommended Citation: Mierzwa, S.J., Christov, I., (2024). Feasibility of Creating a Non-Profit and Non-Governmental Organization Cybersecurity Incident Reporting and Dataset Repository Using OSINT. Cybersecurity Pedagogy and Practice Journal 3(2) pp 48-57. https://doi.org/10.62273/EUFO3601