Toward a behavioral ontology for cybersecurity: Introducing SebDB

Cyberattacks that target individuals remain a significant threat to an organization’s security, placing human behavior at the center of effective defense. This paper focuses on this topic and makes two novel contributions to the field. First, we introduce the Security Behaviors Database (SebDB), an open-source resource that documents security behaviors, links them to organizational risks, and maps them to established security standards. SebDB currently includes more than 100 core behaviors, associated impacts when behaviors are not followed, and alignments with widely used frameworks, including the NIST Cybersecurity Framework (CSF) and MITRE ATT\&CK. Developed by a consortium of practitioners and researchers, SebDB is intended to improve the understanding, modeling, and measurement of human cyber risk and to support behavior-change initiatives that can measurably improve security posture. In this article, we describe the motivation, design, and structure of SebDB, including behaviors and their risk and control mappings. The second novel contribution of this research is the proposal of a behavioral ontology for cybersecurity. This ontology, which realizes the overarching vision for SebDB, presents one of the first comprehensive conceptualizations of knowledge in the behavioral security and human aspects of the cybersecurity domains. Through this ontology, we model how behaviors can be linked to risks, threat actor tactics, vulnerabilities, and security controls, while also covering how behavioral interventions can be leveraged as part of an organization’s security strategy.