Abstract
UAX MAker: Cybersecurity Incident Compendium (CIC)
Keywords: Cyber risk, AI, Data Science, Cyber Incidents, UAX
The second part of the presentation introduces the Cybersecurity Incident Compendium (CIC), a dynamic and enriched knowledge base focused on industrial cyber incidents. It aggregates publicly available data from sources like SEC EDGAR and other commercial databases, addressing the challenges of inconsistency, unstructured formats, and limited visibility. The compendium uses advanced data analytics, machine learning, and AI to structure and enrich incident data, enabling deeper insights into attack patterns, victim profiles, and evolving threats.
The CIC follows a data science life cycle—from weekly data collection and enrichment to categorization and dashboard visualization. It applies techniques like Named Entity Recognition and text similarity to analyze over 20,000 incidents, uncovering hidden patterns such as organizational attractiveness to attackers. The platform helps users understand who is being exploited, the impacts and claims involved, and how threats evolve across sectors and regions. Ultimately, it supports proactive cyber risk management by forecasting expected attacks and identifying key risk drivers.
Talk delivered during the UAX-DeNexus Maker 2024. The event took place on October 09, 2024, at the Business and Tech Faculty of UAX in Madrid.