Global Cybersecurity Risk & Policy Intelligence Modeling

2025 MCM/ICM Mathematical Contest in Modeling2025.02
Cybersecurity
Mathematical Modeling
Time Series
Policy Analysis
Heatmap
NLP
Data Visualization
GCI

Data Analytics · Time Series · Policy Intelligence · Geographic Visualization · NLP

Project Overview

This project explored the global distribution of cybercrime, national cybersecurity preparedness, and the relationship between digital development and cyber risk. Using international cybersecurity datasets, policy reports, cyberattack statistics, and Global Cybersecurity Index (GCI) data, we built an integrated analytical framework to study how cyber threats vary across regions, industries, and regulatory environments. The project focused on three major questions: 1. Which countries and regions experience the highest concentration of cybercrime activity? 2. How do national cybersecurity laws and governance systems influence cybercrime prevention and response effectiveness? 3. How do socioeconomic and demographic factors such as internet penetration, economic development, and digital infrastructure correlate with cybercrime trends? To answer these questions, we combined geographic analysis, time-series forecasting, statistical comparison, policy-text analysis, and visualization techniques. The final framework connected cyberattack frequency, breach costs, legal preparedness, and cybersecurity readiness into one coherent global risk assessment system. The results showed that highly digitalized economies such as the United States, United Kingdom, Germany, and China experience disproportionately high cyberattack pressure because of their economic value and digital infrastructure density. At the same time, countries with strong cybersecurity governance systems, including Estonia and Israel, demonstrated better resilience and prevention effectiveness. Developing regions with increasing internet penetration but weaker legal and technical systems showed rising cyber risk exposure and lower response capacity.

What I Did

  • Collected and integrated cybersecurity datasets from international reports, public databases, Kaggle breach datasets, GCI reports, and global cybercrime statistics.
  • Performed exploratory analysis on global cyberattack types, regional incident distribution, data breach trends, and industry-level economic losses.
  • Built regional heatmaps to visualize temporal changes in cybersecurity incidents across North America, Europe, Asia-Pacific, Latin America, and the Middle East.
  • Analyzed cybersecurity policy effectiveness by comparing legal coverage, breach notification laws, interception regulations, and online identity protection frameworks across regions.
  • Studied Global Cybersecurity Index (GCI) scores and interpreted how legal, technical, organizational, capacity-development, and cooperation pillars contribute to national cyber resilience.
  • Conducted time-series trend analysis on annual global breach costs and projected future cybersecurity economic impact using historical growth patterns.
  • Compared industry-level breach costs and identified healthcare, finance, and government sectors as the most economically vulnerable industries.
  • Performed policy-text analysis and cybersecurity keyword extraction using NLP-based word cloud analysis on GDPR-related and national cybersecurity law documents.
  • Synthesized quantitative findings into strategic recommendations for policymakers, including cybersecurity education, international cooperation, breach regulation, and digital infrastructure protection.
  • Contributed to the final modeling report structure, visualization design, analytical interpretation, and policy recommendation writing.

Methodology

  • Data Collection: gathered multi-source cybersecurity datasets including GCI reports, cybercrime databases, IBM threat intelligence reports, breach-cost reports, and public regulatory documents.
  • Data Cleaning & Integration: standardized country names, regional classifications, yearly metrics, and breach categories to create a unified analytical dataset.
  • Geographic Analysis: constructed regional heatmaps and country-level cybersecurity distribution maps to analyze spatial patterns of cyber incidents.
  • Trend & Time-Series Analysis: analyzed annual growth trends of breach incidents and global breach costs to identify long-term cybersecurity risk escalation.
  • Policy Comparison Framework: categorized cybersecurity laws into legal protection dimensions such as illegal access, data interception, identity theft, and breach notification systems.
  • GCI Evaluation Analysis: interpreted the five-pillar Global Cybersecurity Index framework, including legal, technical, organizational, capacity development, and international cooperation dimensions.
  • Industry Risk Analysis: compared average breach costs across industries and identified which sectors carry the highest financial and operational cyber risk.
  • NLP & Text Mining: generated cybersecurity policy word clouds and extracted dominant themes such as data protection, digital sovereignty, cybersecurity governance, and privacy regulation.
  • Scenario Interpretation: linked cybersecurity readiness with socioeconomic variables such as internet penetration, digital infrastructure development, and institutional maturity.
  • Policy Recommendation Modeling: translated analytical findings into strategic cybersecurity governance recommendations for countries at different development stages.

Reflection

This project helped me realize that cybersecurity is not only a technical problem, but also a policy, economic, and societal challenge. Countries with stronger digital economies are often more exposed to cyber threats because they possess higher-value infrastructure and data assets. However, strong cybersecurity outcomes depend not only on technical defense systems, but also on legal frameworks, public awareness, education systems, and international cooperation. One of the biggest insights from this project was understanding the importance of combining quantitative modeling with policy analysis. A heatmap or trend forecast alone cannot fully explain why some countries perform better than others. The broader institutional environment — including regulation quality, breach notification systems, cybersecurity education, and response coordination — plays a critical role in determining cyber resilience. This project also strengthened my ability to work with heterogeneous global datasets and transform complex international policy information into interpretable visual and analytical insights. I learned how to combine geographic analysis, time-series analysis, visualization, and NLP techniques into one integrated modeling framework. If I continued this project, I would expand the work by incorporating real-time cyberattack feeds, machine learning–based risk prediction, network analysis of international cybercrime activity, and dynamic cybersecurity readiness scoring systems. I would also explore how AI-generated threats and large language models may reshape future cybersecurity governance and international cyber risk landscapes.