The field of geographic information systems (GIS) started in the 1960s as computers and early concepts of quantitative and computational geography emerged. Roger Tomlinson’s pioneering work to initiate, plan, and develop the Canada Geographic Information System resulted in the first computerized GIS in the world, in 1963. The Canadian government had commissioned Tomlinson to create a manageable inventory of its natural resources. He envisioned using computers to merge natural resource data from all provinces. Tomlinson created the design for automated computing to store and process large amounts of data.
Today GIS gives people the ability to create their own digital map layers to help solve real-world problems. GIS has also evolved into a means for data sharing and collaboration, inspiring a vision that is now rapidly becoming a reality—a continuous, overlapping, and interoperable GIS database of the world, about virtually all subjects. Today, hundreds of thousands of organizations are sharing their work and creating billions of maps every day to tell stories and reveal patterns, trends, and relationships about everything.
With its movement to web and cloud computing, and integration with real-time information via the Internet of Things, GIS has become a platform relevant to almost every human endeavor—a nervous system of the planet. As such the GIS role in cybersecurity is well established and continues to expand as more businesses discover the value of geospatial problem-solving for stopping an evolving array of dangers. Geographic information science offers resources that can help organizations analyze potentially compromised systems and develop stronger defenses.
Systems detect more infections with every passing second around the world. GIS helps us to understand the scale of this problem and detect meaningful trends. Mapping cyberattacks in real time reveals just how common such incidents are and how important it is for organizations to have updated countermeasures in place.
Fortunately, spatial information also helps more directly, allowing security experts to discover unauthorized activity early. To minimize the consequences of a data breach or malware attack, stakeholders need to communicate clearly and coordinate an immediate response. GIS can provide clear visualizations of the systems involved in an incident and promote situational awareness across multiple departments.
An Esri white paper showed how organizations can map out the connections between devices and coordinate their responses to intrusions. In this example, cyberspace is visualized in five layers:
- The social/persona layer, including all the employees using a network
- The device layer of those individuals’ computers and phones
- The logical network layer showing the connections between devices
- The physical network layer displaying the underlying infrastructure
- The geographic layer revealing the physical locations of all the relevant devices and systems
A detailed perspective on the flow of data through an organization’s network leads to actionable intelligence about any disruptions or device failures that may interfere with operations. Spatial information ties an incident to specific places, allowing experts to judge whether the issue stems from an intentional attempt to compromise the system and assess the effects. Maps can then guide cybersecurity and IT personnel as they set priorities and decisively head off the intrusion.
In our globally connected world, cybersecurity is crucial to keep essential infrastructure functioning properly. For example, a 2018 report from the U.S. Department of Energy noted that even as electrical power systems become more reliant on connections to the Internet, the safeguards at many energy companies have not kept pace with cyber threats. The DOE warned that, without proactive steps to address vulnerabilities in the power grid, compromised systems could prove disastrous for communities.
Cyberattacks on energy providers may take various forms, such as sending inaccurate information about the demand for power in particular areas. Systems responding to these false estimates of electricity use might cause imbalances and power outages. Fortunately, GIS can help to address this vulnerability.
Detection software uses GIS mapping to monitor the distribution of energy, giving energy companies greater visibility into operations throughout the power grid. Meanwhile, security detection algorithms can spot issues in the distribution load that might indicate that operators are receiving deceptive information. If any anomalies show up, energy providers can evaluate whether they are the result of a hack and respond accordingly.
A huge wealth of spatial information, like many of the findings gathered by NASA probes, is readily available to the public and researchers. However, some organizations retain spatial data that is proprietary or must be kept confidential due to security or privacy concerns. For example, geographic details may compromise the privacy of individuals who participate in healthcare or social science studies.
In these cases, cybersecurity professionals must implement a layer of security that prevents unauthorized access to geospatial information and metadata. Effective access control mechanisms may include:
- Clearly defined policy specifications for who can use geospatial features;
- Semantic reasoner software to enforce those policies;
- Identity management systems to check the credentials of users;
- Data authenticity verification.
As our world faces problems from expanding population, loss of nature, and pollution, GIS will play an increasingly important role in how we understand and address these issues and provide a means for communicating solutions using the common language of mapping.