Cybersecurity situational awareness taxonomy

Antti Evesti, Teemu Kanstrén, Tapio Frantti

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    21 Citations (Scopus)


    Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.
    Original languageEnglish
    Title of host publication2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Number of pages8
    ISBN (Electronic)978-1-5090-5060-4
    ISBN (Print)978-1-5090-5061-1
    Publication statusPublished - 18 Oct 2017
    MoE publication typeA4 Article in a conference publication
    EventInternational Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017 - London, United Kingdom
    Duration: 19 Jun 201720 Jun 2017


    ConferenceInternational Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017
    Abbreviated titleCyber SA 2017
    Country/TerritoryUnited Kingdom


    This work is carried out in Situational Awareness in Cyber and Information Security (SAICS) and SENDATE projects funded by Academy of Finland, Tekes and VTT Technical Research Centre of Finland.


    • taxonomy
    • security
    • monitoring
    • decision making
    • analytics
    • risk analysis


    Dive into the research topics of 'Cybersecurity situational awareness taxonomy'. Together they form a unique fingerprint.

    Cite this