The University of Maryland’s Cyber Events Database 2.0: A Systematic Framework for Analyzing Global Cyber Threats

Authors

  • Charles Harry The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America
  • Devin Entrikin The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America https://orcid.org/0009-0007-5998-9764
  • William Lucyshyn The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America

DOI:

https://doi.org/10.34190/eccws.25.1.4697

Keywords:

cybersecurity, cyber operations, structured event data, threat landscape, data-driven analysis, strategic decision-making

Abstract

Cyberattacks are increasing in scale, scope, and impact, yet systematic, accessible data on these events remain
fragmented, narrowly scoped, or methodologically opaque. Existing cyber incident datasets often focus on specific threat
types or high-profile cases, are proprietary, or lack transparent coding rules, limiting comparative analysis and cumulative
research. This paper introduces the Cyber Events Database 2.0 (CEDB 2.0), a publicly sourced, event-level repository of global
cyber incidents from 2014 onward designed to support reproducible research and strategic cybersecurity analysis. The CEDB
2.0 employs a mixed-methods data collection approach that combines automated web scraping with multilingual, near–realtime
news monitoring, integrating the Global Database of Events, Language, and Tone (GDELT) Project beginning in 2025. As
of February 2026, the database contains 16,382 coded cyber events across 175 countries and 1,431 distinct threat actors.
Each event is classified using a theory-informed taxonomy capturing actor type, motive, target sector, affected country, and
observable effects. By enabling cross-sectional and longitudinal analysis at scale, the CEDB allows researchers to move
beyond anecdotal case studies toward systematic, evidence-based assessment of state and non-state cyber behavior. The
paper details the database’s methodology, structure, applications, limitations, and future development.

Author Biographies

Charles Harry, The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America

Dr. Charles Harry is a senior leader, practitioner and researcher with over 20 years of experience in intelligence and cyber operations. Harry is the director of the Center for Governance of Technology and Systems (GoTech) and Associate Research Professor in the School of Public Policy.

Devin Entrikin, The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America

Devin Entrikin is a Ph.D. candidate and lecturer at the University of Maryland’s School of Public Policy. Entrikin is also a research fellow at the Center for Governance of Technology and Systems (GoTech), focused on strategic cybersecurity and emerging technology governance.

William Lucyshyn, The Center for Governance of Technology and Systems (GoTech) at the University of Maryland’s School of Public Policy, College Park, United States of America

William Lucyshyn is a research professor and the director of research at the Center for Governance of Technology and Systems at the University of Maryland, School of Public Policy. Lucyshyn directs research on critical policy issues related to the increasingly complex problems associated with improving public sector management and operations.

Downloads

Published

2026-06-15

Issue

Vol. 25 No. 1 (2026): The Proceedings of the 25th European Conference on Cyber Warfare & Security (ECCWS 2026)

Section

Academic Papers

License

Copyright (c) 2026 European Conference on Cyber Warfare and Security

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.