Md Imran, Khan and Abdul Azeem, Mohammed and Md Murad, Hasan (2023) Data-Driven Cybersecurity The Role of Business Analytics in Risk Management and Incident Response. American Journal of Economics and Business Management, 6 (8). ISSN 2576-5973

Text Data-Driven Cybersecurity The Role of Business Analytics in Risk Management and Incident Response.pdf Download (1MB)

Abstract

The evolution of cyber threats is very dynamic and thus the challenge to organizations to seek the protection of digital assets and maintain business continuity. With conventional defense mechanisms failing to respond to sophisticated patterns of attacks, the need to incorporate data analytics into the cybersecurity operations has become an important strategic demand. In this study, the issue of business analytics as a means of fortifying cybersecurity, specifically, in the domain of risk management and incident response, will be studied. It is anchored upon the Hornet 15 data, which is a freely accessible repository of network flow data that has been collected during a seven-day period by honeypots present in eight cities that are distributed across the globe. The data provide a one-of-a-kind understanding of geographical variations in the intensity of cyberattacks and their patterns, creating the possibility to investigate regional exposure to threat and deviations in traffic comprehensively. The framework of the methodology includes statistical analysis, the identification of anomalies, and making predictions with the help of Python, Excel, and Kaggle environments. Among the methods, it is possible to note the use of a combination of the Isolation Forest algorithm to identify abnormal flow patterns and of the Random Forest classifier to identify the potentially harmful traffic that can be done with a high level of accuracy. Visualization techniques, such as bar graphs or heatmaps or geospatial thread Mapping are also used to increase interpretability. The peculiarities of geographical differentiation of the attack volume, the number of different source IP addresses, or data transmission patterns are observed cities, which are shown to be at a higher threat of being attacked. The insights produced during analysis demonstrate the importance of location-based threat information and justify the implementation of region-specific protection measures. In the study, the effectiveness of incorporating the business analytics techniques in cybersecurity structures has been brought forward. Improved data visibility, live monitoring, and business decision-making are outlined to be some of the main results of such a practice. The results lead to the development of data-driven approaches to cybersecurity and yield practical guidance to companies that want to transform their ability to evaluate risks and respond to incidents.

Item Type:	Article
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:	Postgraduate > Master's of Islamic Education
Depositing User:	Journal Editor
Date Deposited:	02 Jul 2025 09:57
Last Modified:	02 Jul 2025 09:57
URI:	http://eprints.umsida.ac.id/id/eprint/16242

Actions (login required)

View Item