High-profile incidents like the Equifax data breach and WannaCry ransomware attack have ensured that cybersecurity is a top priority for organizations of all kinds. Retailers that process payments, hospitals entrusted with confidential patient information and local governments conducting elections are all highly conscious of the threats posed by phishing scams, denial-of-service attacks and malware. According to Ponemon Institute’s annual Cost of a Data Breach Study for 2018, the average data breach costs $3.86 million, a 6.4 percent increase from the previous year.
Cybersecurity professionals employ a variety of tools and strategies to prevent the financial losses and reputational damage that result from these intrusions. Geographic information science offers resources that can help organizations analyze potentially compromised systems and develop stronger defenses. The role of GIS in cybersecurity continues to expand as more businesses discover the value of geospatial problem-solving for stopping an evolving array of dangers.
Mapping Cybersecurity Threats
Systems detect more infections with every passing second around the world. GIS helps us to understand the scale of this problem and detect meaningful trends. Mapping cyberattacks in real time reveals just how common such incidents are and how important it is for organizations to have updated countermeasures in place.
Fortunately, spatial information also helps more directly, allowing security experts to discover unauthorized activity early. To minimize the consequences of a data breach or malware attack, stakeholders need to communicate clearly and coordinate an immediate response. GIS can provide clear visualizations of the systems involved in an incident and promote situational awareness across multiple departments.
An Esri white paper showed how organizations can map out the connections between devices and coordinate their responses to intrusions. In this example, cyberspace is visualized in five layers:
- The social/persona layer, including all the employees using a network
- The device layer of those individuals’ computers and phones
- The logical network layer showing the connections between devices
- The physical network layer displaying the underlying infrastructure
- The geographic layer revealing the physical locations of all the relevant devices and systems
A detailed perspective on the flow of data through an organization’s network leads to actionable intelligence about any disruptions or device failures that may interfere with operations. Spatial information ties an incident to specific places, allowing experts to judge whether the issue stems from an intentional attempt to compromise the system and assess the effects. Maps can then guide cybersecurity and IT personnel as they set priorities and decisively head off the intrusion.
Protecting Infrastructure
In our globally connected world, cybersecurity is crucial to keep essential infrastructure functioning properly. For example, a 2018 report from the U.S. Department of Energy noted that even as electrical power systems become more reliant on connections to the Internet, the safeguards at many energy companies have not kept pace with cyber threats. The DOE warned that, without proactive steps to address vulnerabilities in the power grid, compromised systems could prove disastrous for communities.
Cyberattacks on energy providers may take various forms, such as sending inaccurate information about the demand for power in particular areas. Systems responding to these false estimates of electricity use might cause imbalances and power outages. Fortunately, GIS can help to address this vulnerability.
Detection software uses GIS mapping to monitor the distribution of energy, giving energy companies greater visibility into operations throughout the power grid. Meanwhile, security detection algorithms can spot issues in the distribution load that might indicate that operators are receiving deceptive information. If any anomalies show up, energy providers can evaluate whether they are the result of a hack and respond accordingly.
Maintaining Geospatial Data Security
A huge wealth of spatial information, like many of the findings gathered by NASA probes, is readily available to the public and researchers. However, some organizations retain spatial data that is proprietary or must be kept confidential due to security or privacy concerns. For example, geographic details may compromise the privacy of individuals who participate in healthcare or social science studies.
In these cases, cybersecurity professionals must implement a layer of security that prevents unauthorized access to geospatial information and metadata. Effective access control mechanisms may include:
- Clearly defined policy specifications for who can use geospatial features
- Semantic reasoner software to enforce those policies
- Identity management systems to check the credentials of users
- Data authenticity verification
About USC’s Online GIS Graduate Programs
The University of Southern California offers a comprehensive selection of online GIS programs, including GIS master’s degrees and GIS graduate certificates. This gives our students the ultimate flexibility in tailoring their education for their career goals. Click on the programs below to learn about our leading geographic information science education.
- M.S. in Geographic Information Science & Technology
- M.S. in Human Security and Geospatial Intelligence
- Graduate Certificate in GIST
- Graduate Certificate in Geospatial Intelligence
- Graduate Certificate in Geospatial Leadership
- Graduate Certificate in Remote Sensing for Earth Observation
