EU Science Hub

European Cybersecurity Taxonomy

Nov 28 2019

We are living in an era of great opportunities enabled by digital technologies: access to information and knowledge has never been as easy as it is today.

Our cars are able to detect obstacles and react accordingly, medical devices produce more accurate diagnoses, and our smart energy grids are able to forecast future energy demand and accommodate it at a continental level.

We can remotely control our homes, video-chat with friends living on the other side of the world, share huge amounts of data and actively participate in the democratic life of our country from our smartphones.

However, the way in which digital technologies are intertwined with our lives today also generates a vicious circle: the more digital our society becomes, the more vulnerable it is to the deliberate exploitation of insecure digital systems, the higher the potential impact of cyber-attacks, and the lower the concrete residual advantages of the digitalisation of our society.

In this context, cybersecurity represents the counterweight in this complex equation, the factor allowing the digital revolution to definitively take off.

However, quoting the Cybersecurity Report issued by the High Level Advisory Group of the EC Scientific Advice Mechanism in March 2017, "cybersecurity is not a clearly demarcated field of academic study that lends itself readily to scientific investigation. Rather, cybersecurity combines a multiplicity of disciplines from the technical to behavioural and cultural. Scientific study is further complicated by the rapidly evolving nature of threats, the difficulty to undertake controlled experiments and the pace of technical change and innovation. In short, cybersecurity is much more than a science".

This definition implies that there is today no globally accepted and standardised definition of cybersecurity, nor a clear identification of its domain of development and of application.

For that reason, the JRC published a study proposing the alignment of cybersecurity terminologies, definitions and domains into a coherent and comprehensive taxonomy. This will facilitate the categorisation of EU cybersecurity competencies. The work was undertaken in the context of the Commission’s Communication on the establishment of the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres (COM(2018) 630 final, 12.9.2018).

A reference cybersecurity taxonomy is an essential tool to facilitate the categorisation of EU R&D cybersecurity competencies and to increase the competitiveness of the EU cybersecurity capabilities. To support these developments, the JRC proposes a common European Cybersecurity Taxonomy in order:

  • to support knowledge management activities;
  • to enable effective communication among EU institutions and the cybersecurity community;
  • to serve as a cornerstone in future cooperation efforts among cybersecurity stakeholders;
  • to support the governance of future EU cybersecurity initiatives.

The concepts proposed in the taxonomy were selected based on an extensive literature review and feedback from key EU cybersecurity stakeholders, including the European Cyber Security Organization (ECSO).

The proposed taxonomy aligns the terminology and definitions of cybersecurity knowledge domains and adopts a 3-dimensional approach where a knowledge domain (e.g. Cryptology) can be associated with a sector (e.g. Health) and applied in the context of a particular technology or use case (e.g. Hardware technology).

The figure below illustrates visually how the 3-dimensional taxonomy can be applied for cybersecurity knowledge classification.

[Figure: Cybersecurity Taxonomy]

The taxonomy proposal builds upon a preliminary version, which was validated using empirical evidence collected in a survey performed in 2018, where over 700 institutions reported on their knowledge and expertise.

Based on the information from this survey, a mapping of EU cybersecurity capacities was developed to support the proposal for a regulation establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres, which is currently being negotiated between the European Parliament and the Council.

In the context of this legislative initiative, four pilot projects were selected to assist the Commission in the development of a common European cybersecurity research and innovation road map: CONCORDIA, ECHO, SPARTA and Cybersec4Europe.

These pilot projects, with over 160 members from industry and academia, supported the development of the cybersecurity taxonomy and currently use it to classify and align their research activities.

Further details about the proposal for the cybersecurity taxonomy are in the JRC Technical Report entitled "A Proposal for a European Cybersecurity Taxonomy".