The University of Maryland’s Center for the Governance of Technology and Systems (GoTech), with previous support from the Center for International and Security Studies at Maryland (CISSM), has launched a new public web application for the Cyber Events Database 2.0 (CEDB 2.0), providing open public access to one of the most comprehensive structured datasets on global cyber activity.
The platform, available at cybereventsdatabase.org, currently includes 16,729 fully coded cyber events spanning 178 countries, tracked from 2014 through March 2026. The database identifies 1,459 unique threat actors and documents an average of 1,195 cyber events per year, reflecting the sustained scale of global cyber operations. In 2025 alone, 1,573 new events were recorded across 108 target countries.
The new web application transforms the CEDB 2.0 into an interactive research platform. Users can:
- Apply advanced filters by date range, country, industry, threat actor type, target country, motive, and event type
- Distinguish between exploitative, disruptive, and mixed cyber events
- Visualize trends over time
- Examine detailed individual event records
- Download structured datasets in both CSV and JSON formats
- Conduct descriptive data analysis using the AI assistant
By combining structured taxonomy with interactive functionality, the platform enables researchers, policymakers, cybersecurity professionals, and students to analyze global cyber patterns systematically rather than relying on isolated news reports.
The database represents a sustained effort over the past decade to rigorously capture and code cyber event sample data. This effort allows researchers to systematically explore broad trends between states, the use of non-state proxies, or the impact of threat actors across industries among many other research avenues. The new web app makes that analysis even more accessible.Dr. Charles Harry Director of GoTech
The CEDB 2.0 is built on a standardized classification framework published in the Journal of Information Warfare and developed by Harry and CISSM Director Nancy Gallagher. The framework categorizes cyber events by primary effect, whether data theft, operational disruption, or both. Each record is systematically coded to capture threat actor type, motive, industry classification, and severity measures when available
The database has been leveraged by leading international financial institutions, including the European Central Bank, Deutsche Bundesbank, Banco de España, the Bank of Japan, the World Bank, the International Monetary Fund and the European Securities and Markets Authority (ESMA). In the United States, it has also been cited by the The Federal Reserve Board, the U.S. National Institute of Standards and Technology (NIST), and other organizations.
The web platform reflects GoTech’s broader commitment to expanding transparent, open-source infrastructure for cybersecurity research. Monthly updates are released on the second Wednesday of each month.
