Creation of a Non-Profit and Non-Governmental Organization Cybersecurity Incident Reporting and Dataset Repository

Abstract:
Organizations of all types are prone to cybersecurity and information security attacks. Non-Profit Organizations (NPOs) and Non-Governmental Organizations (NGOs) are not exempt from using information technology solutions and, thus, have been the recipient victims of cyber attackers. There exist many areas and venues where data are collected to report back annually on the status and numbers of cybersecurity attacks against many sectors of our society. This effort and write-up will focus on the NPO and NGO community and provide the process followed to research and create the data repository, created categorization of attacks or taxonomy, fields captured, outlets and areas where data that is relevant to historical cybersecurity incidents in these types of agencies is available. In addition, the beginning of a running log and dataset for the NPO and NGO community will emerge. A dataset will be made available that can be referenced by researchers, students, and leaders investigating risk management and analysis of the NPO and NGO sectors.