Google Maps is really cool, no doubt.
I happened to check out two separate incident databases recently (one datalossdb, the other a private beta), and both have leveraged Google Maps. I guess what I am struggling with is the utility of the feature. With physical incidents, it seems useful to track threat trends – terrorist / pirate hotspots, etc. – so that we can act in accordance with our risk tolerance levels.
While we may find geographic patterns in cybersecurity, these patterns rarely if ever reflect a concentration of threat – this being one of the significant differences between physical and logical attacks.
I don't think the value is nearly as high, and given the screen real estate required to display it, I am not sure using geographic maps is beneficial. Even the maps of things like worm/virus spreading across a globe are more about computer usage patterns (e.g. follow the sun) than anything meaningful (I think).
So I am curious what use cases you can come up with for geographic maps in the cybersecurity realm. Here are some ideas:
- Wireless hotspots showing areas of high/low concentration of vulnerable areas.
- Jurisdictional use – identifying countries or regions that have various differing compliance regimens.
What benefits do you see with geographic mapping in cybersecurity? Or put differently – what geographic information would provide input into a cybersecurity decision you need to make?