Researching Trending Topics in Security

Each day security reports, news items and events find their way to the web. When you need to know about a specific security topic for your business, study or policy, it might be hard to find the relevant information. HSD Office makes content more accessible, usable and actionable by classifying topics and observations.

In 2020 we published around 60 security reports from different sources, almost 300 news articles and 200 events. It is hard to keep track of the topics covered and insights shared in real-time. And when you need to know everything about a specific topic, or see what’s hot and what’s not, it takes a lot of effort. To make the available knowledge easier accessible, filter out the irrelevant parts and show which partners specialise in the topic of your interest we classify security content.

Taxonomies based classification

To classify and structure content we use the following four taxonomies:

• The domain of application. Is the knowledge relevant for a specific economic sector such as agriculture, manufacturing, banking, healthcare or shipping? A strong base for this classification is found in the industry classification (SBI-codes) used by the Central Bureau of Statistics.
• Threat target. Who or what is challenged by a certain development? Is software or hardware at risk, property or infrastructure under attack, are SME’s the target or the national government?
• Threat agent. Who or what makes the threat? This helps choosing effective countermeasures. Guarding against forces of nature or system malfunctions will be different from nation states attacks.
• Type of threat or opportunity. This taxonomy ranges from economic (fraud, money laundering) to technological (all sorts of cybersecurity techniques, AI) to physical (human trafficking, crowd management). We checked our taxonomy for completeness with those of ENISA, NASA, NIST, ESCO and several project- and company-based classifications. 

First observations from reports

The 16 reports in our first batch are a mixture of national and international studies, some are evaluations and evidence based, others are predictions for the future. Several studies are specifically about the information society and cybercrime, others have a broader security scope. We included free access reports from companies, research institutes and public organisations. Our focus is on those reports that are expected to have an impact in The Netherlands.

Our first observation shows that cybersecurity is a core theme, this is of course expected from reports on information society and cybercrime, but it is also a core element in other security studies. Cybersecurity related topics that are mentioned in several reports include:

• Opportunities and threats of new technologies, especially Artificial Intelligence (AI) and quantum technology. 
• The potential attack surface is expanding rapidly with more connected IoT-devices, sensors, edge computing devices, mobile devices, different networks and diversifying connected services. COVID-19 grows digital threats, ranging from online fraud to security breaches at employees working from home during lockdown.
• Different forms of phishing (e-mail, SMS, WhatsApp, spear phishing through social media) remain a big threat.
• Malware is an increasing threat while ransomware delivers growing financial gain for criminals.
• Up close and personal attacks are on the rise: targeted attacks, disinformation, online scams, sextortion, harassing oppositions, spyware and cyberbullying.
• Cloud- and system security issues arise often through misconfiguration, but also more cloud-based security solutions are applied.
• The zero-trust philosophy is gaining ground.
• Individuals are less confronted with regular crimes but their chance of being victimized by cybercrime is growing.
• Cyber security awareness is growing but basic cybersecurity measures are often not taken, both by individuals and employers.
• There is a widening cybersecurity skills gap.
• Spending increases (but perhaps not as fast as the risks grow), transparency and rationalisation are growing as well.

The governance of both regular and cybercrime is a challenge for businesses and governments, partially due to insufficient detection and lacking integral monitoring capability. Regarding threat agents, several reports mention that geopolitical tensions manifest themselves more and more in the digital domain. Nation states are therefore an important agent to keep an eye on. Looking at the targets, a diversification of threat targets is mentioned. Through interconnected chains, dissemination of digital risks can propagate from devices at home (mobile phones and Wi-Fi routers), business supply chains or wherever the weakest link can be found to reach their final destination.

What is to come

We will keep classifying the information we get and further validate the taxonomies used. In February 2021 we will organise an HSD-Café on trends with experts from the field. When the date is set, and the program is ready, it will be announced through our regular channels (website, newsletter, social media). 

Several interns contributed to the development of the methodology and taxonomies: Maaike Smekens, Cem Ahmed, Aniek den Teuling, Lien Gillisjans, Annemaria van den Bogerd and Esmée Hendriksen. Want to know more about trend monitoring at HSD? Contact innovation liaison Mark Ruijsendaal. You can help us out by keep sharing your insights, publications and events with our communication office.