Towards Unified European Cyber Incident and Crisis Management Ontology

Publication Type:

Journal Article


Information & Security: An International Journal, Volume 53, Issue 1, p.33-44 (2022)


crisis, Cybersecurity Act, cybersecurity taxonomy, harm, incident response, Interoperability, Ontology, Risk Assessment, threat


ENISA highlighted the need for a common reporting taxonomy for cybersecurity incidents to be used by cybersecurity analysts across Europe. The analysis of the domain revealed a large number of taxonomies for different areas of the cybersecurity domain (types of attacks, vulnerabilities, sectors, harm), but those needed to be linked together in a model that allows a cybersecurity officer to report and track an incident fast and accurately. The taxonomy should also treat the cybersecurity domain not only from the technical point of view but also from the socio-economical aspect. This document describes the taxonomy, how we propose to use it, and the methodology used to develop it.

Last updated: Sunday, 12 February 2023