Global Cyber Event Taxonomy

Graph network of many nodes

An international open-source standard for the classification of global cyber security events

Iteratively developed

Through a combination of our cutting-edge technology platform and in-depth human analysis the Global Cyber Event Taxonomy ("GCET") provides an open-source international standard for the classification of cyber security incidents.

Categorising events by attributes such as threat actor involved, attack vector exploited, controls that failed or were missing, cyber risk category, costs incurred, non-control risk mitigation applied etc. enables the GCET to provide a standardised mechanism for the searching, filtering and analysis of global cyber security events.


Although the GCET was developed using our proprietary library of case studies we have decided to release it as an open-source resource. This provides the rights for any organisation to use the taxonomy in their work, whether for commercial or non-commercial projects, as long as any modifications are provided back to the open-source community under the same terms.

We believe that to truly build the strongest defense against the cyber threat collaboration is crucial and best achieved by pooling resources and expertise. The GCET provides organisations with a common language to communicate cyber event data, speeding up collaboration and enhancing participation in our efforts to meet this challenge.

The most recent release of the GCET is availalble via its GitHub repository.


A visualisation of the live taxonomy as used by us in the classification of our case studies is shown below.

Full view of the Global Cyber Event Taxonomy laid out as a radial tree