Measuring the Harms of Cyberattacks
A key contribution to advancing responsible behaviour in cyberspeace aim is recognition that cyberattacks and incidents do not just attack or harm technology, do not always have (easily) reversible effects, and can have impacts at national and international levels. A clarification on what constitutes harm in a comprehensive and measurable manner is required, coupled with data-driven and evidence-based metrics, tools and frameworks for understanding, tracking, and measuring this harm. Recognizing this, the CyberPeace Institute initiated, in 2022, research and a process to develop a harm methodology. The strategic objective is to determine the means to measure harm from cyberattacks and incidents in order to increase knowledge of the human costs, and influence policy, accountability and resilience efforts.
Published: December 2023
Authors: Charlotte Lindsey and Kamilia Amdouni, CyberPeace Institute
The 2024 Report is available here.