Understanding Cyber Incident Dynamics in the European Union: A Study of Actor Types and Sector Vulnerabilities

As cyber threats have increased in both frequency and complexity, the European Union (EU) has taken measures to enhance its cybersecurity framework. This has included the implementation of directives such as NIS1 and NIS2, as well as the establishment of databases such as the European Repository of Cyber Incidents (EuRepoC) and the Cyber Events Database from the University of Maryland. This research investigates the relationships between different types of cyber actors and the corresponding incidents, as well as the correlation between industry sectors and types of cyber incidents. Utilizing chi-square testing on a dataset comprising over 14,000 cyberattack incidents, we identified statistically significant correlations that substantiate the hypotheses proposed. The results of the study indicated that specific actor types, such as nation-states and criminals, were more likely to be associated with particular incident types. In contrast, industry sectors like healthcare and public administration exhibited distinct vulnerabilities. The findings underscore the imperative for data-driven and sector-specific cybersecurity policies within the EU, underscoring the role of comprehensive data repositories in informing effective governance against cyber threats. It is imperative that member states continue to collaborate in order to leverage these insights and enhance resilience and safeguard critical services across Europe.