The National Institute of Standards and Technology (NIST) provides a Cybersecurity Framework (CSF) for benchmarking and measuring the maturity level of cyber security programs across all industries. The City uses this framework and toolset to measure and report on its internal cyber security program.The foundation for this measure is the Framework Core, a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure/industry sectors. These activities come from the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) published standard, along with the information security and customer privacy controls it references (NIST 800 Series Special Publications). The Framework Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous functions – identify, protect, detect, respond, and recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core identifies underlying key categories and subcategories for each function, and matches them with example references, such as existing standards, guidelines and practices for each subcategory. This page provides data for the Cybersecurity performance measure.Cybersecurity Framework cumulative score summary per fiscal year quarter (Performance Measure 5.12)The performance measure page is available at 5.12 Cybersecurity.Additional InformationSource: Maturity assessment / https://www.nist.gov/topics/cybersecurityContact: Scott CampbellContact E-Mail: Scott_Campbell@tempe.govData Source Type: ExcelPreparation Method: The data is a summary of a detailed and confidential analysis of the city's cyber security program. Maturity scores of subcategories within NIST CFS are combined, averaged and rolled up to a summary score for each major category.Publish Frequency: AnnualPublish Method: ManualData Dictionary

The foundation for this measure is the Framework Core, a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure/industry sectors. These activities come from the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) published standard, along with the information security and customer privacy controls it references (NIST 800 Series Special Publications). The Framework Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous functions – identify, protect, detect, respond, and recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core identifies underlying key categories and subcategories for each function, and matches them with example references, such as existing standards, guidelines and practices for each subcategory. This page provides data for the Cybersecurity performance measure.Cybersecurity Framework (CSF) scores by each CSF category per fiscal year quarter (Performance Measure 5.12)The performance measure dashboard is available at 5.12 Cybersecurity.Additional InformationSource: Maturity assessment /https://www.nist.gov/topics/cybersecurityContact: Scott CampbellContact E-Mail: Scott_Campbell@tempe.govData Source Type: ExcelPreparation Method: The data is a summary of a detailed and confidential analysis of the city's cyber security program. Maturity scores of subcategories within NIST CFS are combined, averaged and rolled up to a summary score for each major category.Publish Frequency: Annual

📌 Context of the Dataset

The Healthcare Ransomware Dataset was created to simulate real-world cyberattacks in the healthcare industry. Hospitals, clinics, and research labs have become prime targets for ransomware due to their reliance on real-time patient data and legacy IT infrastructure. This dataset provides insight into attack patterns, recovery times, and cybersecurity practices across different healthcare organizations.

Why is this important?

Ransomware attacks on healthcare organizations can shut down entire hospitals, delay treatments, and put lives at risk. Understanding how different healthcare organizations respond to attacks can help develop better security strategies. The dataset allows cybersecurity analysts, data scientists, and researchers to study patterns in ransomware incidents and explore predictive modeling for risk mitigation.

📌 Sources and Research Inspiration This simulated dataset was inspired by real-world cybersecurity reports and built using insights from official sources, including:

1️⃣ IBM Cost of a Data Breach Report (2024)

The healthcare sector had the highest average cost of data breaches ($10.93 million per incident). On average, organizations recovered only 64.8% of their data after paying ransom. Healthcare breaches took 277 days on average to detect and contain.

2️⃣ Sophos State of Ransomware in Healthcare (2024)

67% of healthcare organizations were hit by ransomware in 2024, an increase from 60% in 2023. 66% of backup compromise attempts succeeded, making data recovery significantly more difficult. The most common attack vectors included exploited vulnerabilities (34%) and compromised credentials (34%).

3️⃣ Health & Human Services (HHS) Cybersecurity Reports

Ransomware incidents in healthcare have doubled since 2016. Organizations that fail to monitor threats frequently experience higher infection rates.

4️⃣ Cybersecurity & Infrastructure Security Agency (CISA) Alerts

Identified phishing, unpatched software, and exposed RDP ports as top ransomware entry points. Only 13% of healthcare organizations monitor cyber threats more than once per day, increasing the risk of undetected attacks.

5️⃣ Emsisoft 2020 Report on Ransomware in Healthcare

The number of ransomware attacks in healthcare increased by 278% between 2018 and 2023. 560 healthcare facilities were affected in a single year, disrupting patient care and emergency services.

📌 Why is This a Simulated Dataset?

This dataset does not contain real patient data or actual ransomware cases. Instead, it was built using probabilistic modeling and structured randomness based on industry benchmarks and cybersecurity reports.

How It Was Created:

1️⃣ Defining the Dataset Structure

The dataset was designed to simulate realistic attack patterns in healthcare, using actual ransomware case studies as inspiration.

Columns were selected based on what real-world cybersecurity teams track, such as: Attack methods (phishing, RDP exploits, credential theft). Infection rates, recovery time, and backup compromise rates. Organization type (hospitals, clinics, research labs) and monitoring frequency.

2️⃣ Generating Realistic Data Using ChatGPT & Python

ChatGPT assisted in defining relationships between attack factors, ensuring that key cybersecurity concepts were accurately reflected. Python’s NumPy and Pandas libraries were used to introduce randomized attack simulations based on real-world statistics. Data was validated against industry research to ensure it aligns with actual ransomware attack trends.

3️⃣ Ensuring Logical Relationships Between Data Points

Hospitals take longer to recover due to larger infrastructure and compliance requirements. Organizations that track more cyber threats recover faster because they detect attacks earlier. Backup security significantly impacts recovery time, reflecting the real-world risk of backup encryption attacks.

Percentage of enterprises impacted by cyber security incidents in specific ways by the North American Industry Classification System (NAICS) and size of enterprise.

Businesses who reported the number of times their business experienced cyber security incidents, by North American Industry Classification System (NAICS) and enterprise size.

Analysis of ‘5.12 Cybersecurity (detail)’ provided by Analyst-2 (analyst-2.ai), based on source dataset retrieved from https://catalog.data.gov/dataset/dd09ac38-1fb4-4972-b1ff-339e05891547 on 11 February 2022.

--- Dataset description provided by original source is as follows ---

--- Original source retains full ownership of the source dataset ---

This report provides an overview of the cyber security self-assessment form developed & published by the National Cyber Security Centre of the Dept. of Environment, Climate & Communications. The report sets out user experience from the application of the self-assessment form.

man-in-the-middle (MITM)

Percentage of enterprises that use specific cyber security measures by the North American Industry Classification System (NAICS) and size of enterprise.

An extensive dataset offering key insights into cyber security statistics and trends for 2025, including data breaches, cybercrime costs, threat vectors, and industry-specific impacts.

Average spending on specific measures to prevent or detect cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

Average spending on specific measures to recover from cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

Percentage of enterprises that have a specific number of employees that complete tasks related to cyber security as part of their regular responsibilities by the North American Industry Classification System (NAICS) and size of enterprise.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Market Summary of Database Security Market:

• The Global Database Security market size in 2023 was XX Million. The Database Security Industry's compound annual growth rate (CAGR) will be XX% from 2024 to 2031. • The database security industry is growing faster and is expected to expand at a faster rate due to these strict regulatory frameworks. Also, the increase in advanced technology for better protection of data is driving the growth of the Database security market. • The dominating segment is the software. It includes encryption, auditing, tokenization, data masking, and access control management. • Due to the increase in internet users, remote working demand, and risk of data breaches, the COVID-19 pandemic has had a beneficial effect on the market for data security solutions. • The database security market is dominated by North America in terms of both revenue and market share. This can be attributed to the region's concentration of significant industry participants and increasing technical advancements in their product line.

Market Dynamics of Database Security Market:

Key Drivers of Database Security Market:

The Database Security Market is driven by the strict regulatory framework to address information security

Regulatory frameworks can establish standards that developers and users must follow to guarantee a secure database. The market is growing as a result of increasingly stringent regulations enforced globally to protect sensitive data by governments and other relevant authorities in numerous nations. Currently, rules for data localization are in place in most of the countries. These have significant effects on how businesses interact with local regulations as well as their IT footprints, data governance, and data architectures. The general goals of localization regulations are to stop cybercrimes (such as identity theft), boost local economies, and possibly most importantly address growing privacy concerns. The desire of firms to utilize data for their commercial advantage is often the most contentious topic, with different governments arriving at different judgments about how to balance it. Data must be processed and stored within a specific nation or region to comply with geographic constraints on data export. For each of these, businesses must build a unique infrastructure, set of computing resources, and teams. For Instance, two sets of standard contractual agreements were adopted by the European Commission, one was meant for use between controllers and processors, and the other was meant for the transfer of personal data to third parties. They ensure a high level of data privacy for citizens by reflecting new standards under the General Data Privacy Regulation (GDPR) and taking the Court of Justice's Schrems II ruling into consideration. These new tools will provide European firms with greater legal stability and aid SMEs in particular to maintain compliance with secure data transfer standards while enabling unrestricted cross-border data movement. (Source: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847) Furthermore, Federal Financial Institutions, the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI-DSS), Examination Council (FFIEC), etc are some strict regulatory measures for protection. So, the database security industry is growing faster and is expected to expand at a faster rate due to these strict regulatory frameworks.

Key Restraints of Database Security Market

Lack of skills and technological knowledge in database security market

Inadequate information security may lead to disruptions in socially significant activities, inability to do business appropriately and efficiently, and loss of personal integrity protection. Nevertheless, obstacles including unclear career routes, out-of-date education, expensive certifications, and high levels of job stress deter people from choosing cybersecurity as a vocation. For Instance, As of May 2023, there were 40,000 cybersecurity job openings in India; however, a significant lack of skilled workers prevented 30% of these positions from being filled, according to TeamLease Digital, a division of TeamLease Services. The need for cybersecurity experts has outpaced supply, making it difficult for m...

Powerful personal computers, high-bandwidth and wireless networking technologies, and the widespread use of the Internet have transformed stand-alone computing systems and predominantly closed networks into the virtually seamless fabric of today`s information technology IT infrastructure. This infrastructure provides for the processing, transmission, and storage of vast amounts of vital information used in virtually every facet of society, and it enables Federal agencies to routinely interact with each other as well as with industry, private citizens, state and local governments, and the governments of other nations...

The cloud-based database security market is experiencing robust growth, projected to reach a market size of $6.5 billion in 2025 and exhibiting a Compound Annual Growth Rate (CAGR) of 14.7% from 2025 to 2033. This expansion is driven by several key factors. The increasing adoption of cloud computing across various sectors, including BFSI (Banking, Financial Services, and Insurance), retail, healthcare, and government, necessitates robust security solutions to protect sensitive data residing in the cloud. Furthermore, the rising frequency and sophistication of cyberattacks targeting databases are compelling organizations to invest heavily in advanced security measures. The market is segmented by deployment (public, private, hybrid) and end-user vertical, with BFSI and other data-intensive industries showing significant growth potential. The competitive landscape comprises both established players like IBM, McAfee, and Oracle, and emerging specialized vendors like Axis Technology and Voltage Security. Geographical growth is anticipated across North America (especially the US), Europe, and the Asia-Pacific region, driven by increasing digital transformation initiatives and stringent data privacy regulations. Hybrid cloud deployment models are expected to gain traction as businesses seek a balance between security, flexibility, and cost-effectiveness. The sustained growth trajectory is influenced by several trends. The increasing adoption of AI and machine learning in database security solutions enhances threat detection and response capabilities. Furthermore, the growing emphasis on compliance with regulations like GDPR and CCPA is driving demand for compliant cloud-based database security solutions. However, challenges remain. Cost considerations, integration complexities, and skills shortages in cybersecurity professionals pose potential restraints on market growth. To overcome these, vendors are focusing on developing user-friendly, scalable, and cost-effective solutions, along with investing in robust training and education programs to bridge the skills gap. The market's future hinges on continuous innovation, addressing emerging threats, and fostering collaboration across the industry to secure sensitive data in the increasingly complex cloud environment. Recent developments include: April 2023: Accenture and Google Cloud announced expanding their global partnership to assist businesses in better protecting critical assets and strengthening security against persistent cyber threats. Jointly, they are providing the technology and security expertise to the organization's trusted infrastructure required to build robust security programs and maintain confidence in their readiness., March 2023: IBM and Cohesity collaborated to address organizations' increased data security and resiliency in hybrid cloud environments. Integrating data protection, cyber resilience, and data management capabilities from both companies, IBM launched the IBM Storage Defender solution, including Cohesity's data protection as an integral part of the offering. IBM Storage Defender is designed to support AI and event monitoring across various storage platforms through a single glass pane to protect organizations' data layers from risks like ransomware, sabotage, and human error., March 2023 - Mastercard acquired cloud-based cybersecurity company Baffin Bay Networks to assist businesses in dealing with the increasingly challenging nature of cyberattacks. Baffin Bay Networks, based in Sweden, adds to Mastercard's multi-layered approach to cybersecurity and assists in stopping attacks while mitigating exposure to risk across the ecosystem. The acquisition further strengthens Mastercard's broader service offerings and value beyond the payment transaction.. Key drivers for this market are: Increasing Volumes of Data Being Generated from Information-Escalated Applications is Driving the Market Growth. Potential restraints include: Loss of Control over Data Location Hinders the Market. Notable trends are: Healthcare End-user Vertical is Expected to Hold Significant Market Share.

Database Security Solution Market Outlook

The global database security solution market was valued at USD 4.5 billion in 2023 and is projected to reach USD 11.7 billion by 2032, growing at a compound annual growth rate (CAGR) of 11.5% from 2024 to 2032. This remarkable growth can be attributed to the increasing volume of data generated and stored by organizations, rising cyber threats, regulatory compliance requirements, and the growing adoption of cloud-based services across various industries.

One of the primary growth factors for the database security solution market is the exponential increase in data generation and storage. With the advent of big data, IoT, and advanced analytics, organizations are producing vast amounts of data that need to be securely stored and managed to prevent unauthorized access and data breaches. As a result, there is a growing demand for robust database security solutions that can protect sensitive information across diverse databases and platforms, ensuring data privacy and integrity.

Another significant growth driver is the rising number of cyber threats and data breaches. Organizations face sophisticated cyber-attacks that target confidential and high-value data, leading to financial losses, reputational damage, and regulatory penalties. This has necessitated the implementation of advanced database security solutions that offer real-time threat detection, encryption, access control, and audit capabilities to safeguard critical data and maintain business continuity.

Compliance with stringent regulatory frameworks is also propelling the growth of the database security solution market. Regulations such as GDPR, HIPAA, and CCPA mandate the protection of personal and sensitive information, compelling organizations to adopt comprehensive database security measures. Businesses are investing heavily in database security solutions to meet these regulatory requirements, avoid hefty fines, and build customer trust by ensuring data confidentiality and compliance.

The advent of Big Data Security has become a pivotal aspect in the realm of database security solutions. As organizations increasingly rely on big data analytics to drive business insights, the security of this data becomes paramount. Big Data Security involves implementing comprehensive measures to protect large volumes of data from unauthorized access and breaches. It encompasses various strategies, including encryption, access controls, and real-time monitoring, to ensure that sensitive data remains protected throughout its lifecycle. As the volume and complexity of data continue to grow, the demand for advanced Big Data Security solutions is expected to rise, driving further innovation and investment in this area.

Regionally, the database security solution market is witnessing significant growth, with North America leading the charge due to its advanced technological infrastructure, early adoption of innovative security solutions, and stringent data protection laws. Europe is also experiencing substantial growth driven by the enforcement of GDPR and increasing awareness of data privacy issues. The Asia Pacific region is projected to witness the highest CAGR during the forecast period, fueled by the rapid digital transformation, rising cyber threats, and growing government initiatives to enhance cybersecurity.

Component Analysis

The database security solution market can be segmented by component into software, hardware, and services. The software segment holds the largest market share, driven by the extensive use of database security software to protect data against unauthorized access, malware, and other cyber threats. These software solutions offer various functionalities such as encryption, access control, auditing, and monitoring, making them indispensable for organizations looking to secure their databases effectively.

The hardware segment, although smaller compared to software, plays a crucial role in enhancing database security. Hardware-based security solutions, such as hardware security modules (HSMs), are used for cryptographic key management and secure storage of sensitive data. These solutions provide an additional layer of security by ensuring that cryptographic operations are performed in a tamper-resistant environment, thus preventing unauthorized access and key compromise.

The services segment is also witnessing significant growth, driven by the increasing demand for m

In this document, comprehensive datasets are presented to advance research on information security breaches. The datasets include data on disclosed information security breaches affecting S&P500 companies between 2020 and 2023, collected through manual search of the Internet. Overall, the datasets include 504 companies, with detailed information security breach and financial data available for 97 firms that experienced a disclosed information security breach. This document will describe the datasets in detail, explain the data collection procedure and shows the initial versions of the datasets. Contact at Tilburg University Francesco Lelli

Description

The datasets demonstrate the malware economy and the value chain published in our paper, Malware Finances and Operations: a Data-Driven Study of the Value Chain for Infections and Compromised Access, at the 12th International Workshop on Cyber Crime (IWCC 2023), part of the ARES Conference, published by the International Conference Proceedings Series of the ACM ICPS.

Using the well-documented scripts, it is straightforward to reproduce our findings. It takes an estimated 1 hour of human time and 3 hours of computing time to duplicate our key findings from MalwareInfectionSet; around one hour with VictimAccessSet; and minutes to replicate the price calculations using AccountAccessSet. See the included README.md files and Python scripts.

We choose to represent each victim by a single JavaScript Object Notation (JSON) data file. Data sources provide sets of victim JSON data files from which we've extracted the essential information and omitted Personally Identifiable Information (PII). We collected, curated, and modelled three datasets, which we publish under the Creative Commons Attribution 4.0 International License.

1. MalwareInfectionSet We discover (and, to the best of our knowledge, document scientifically for the first time) that malware networks appear to dump their data collections online. We collected these infostealer malware logs available for free. We utilise 245 malware log dumps from 2019 and 2020 originating from 14 malware networks. The dataset contains 1.8 million victim files, with a dataset size of 15 GB.

2. VictimAccessSet We demonstrate how Infostealer malware networks sell access to infected victims. Genesis Market focuses on user-friendliness and continuous supply of compromised data. Marketplace listings include everything necessary to gain access to the victim's online accounts, including passwords and usernames, but also detailed collection of information which provides a clone of the victim's browser session. Indeed, Genesis Market simplifies the import of compromised victim authentication data into a web browser session. We measure the prices on Genesis Market and how compromised device prices are determined. We crawled the website between April 2019 and May 2022, collecting the web pages offering the resources for sale. The dataset contains 0.5 million victim files, with a dataset size of 3.5 GB.

3. AccountAccessSet The Database marketplace operates inside the anonymous Tor network. Vendors offer their goods for sale, and customers can purchase them with Bitcoins. The marketplace sells online accounts, such as PayPal and Spotify, as well as private datasets, such as driver's licence photographs and tax forms. We then collect data from Database Market, where vendors sell online credentials, and investigate similarly. To build our dataset, we crawled the website between November 2021 and June 2022, collecting the web pages offering the credentials for sale. The dataset contains 33,896 victim files, with a dataset size of 400 MB.

Credits Authors

Billy Bob Brumley (Tampere University, Tampere, Finland)

Juha Nurmi (Tampere University, Tampere, Finland)

Mikko Niemelä (Cyber Intelligence House, Singapore)

Funding

This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under project numbers 804476 (SCARE) and 952622 (SPIRS).

Alternative links to download: AccountAccessSet, MalwareInfectionSet, and VictimAccessSet.