Utilising Journey Mapping and Crime Scripting to Combat Cybercrime and Cyber Warfare Attacks


This paper discusses ways in which utilising methods from typically non-cyber disciplines, business and criminology, can successfully be applied to the cyber domain to aid the fight  against  and  the  prevention  of  cyber-attacks,  including  those  used  in  cyber  warfare. Through the provision of a visual representation, this paper clarifies how journey mapping and crime scripting can help build an understanding of the steps criminals or adversaries in general undertake during the execution of a cybercrime or cyber-warfare attack.


Photo of Tiia Sõmer

Tallinn University of Technology
Tallinn, Estonia

Tiia Sõmer is an early stage researcher at Tallinn University of Technology, Tallinn, Estonia. Her research focuses on cybercrime and cyber forensics, leading TUT work on the EU E-CRIME project, a three-year European Union project, researching the economic   aspects   of   cybercrime. In addition, she has taught cyber security at the strategic level and prepared students for cyber- defence international policy-level competitions at the TUT. Before starting an academic career, she served for more than 20 years in the Estonian defence forces—including teaching at the staff college; working in diplomatic positions at national, NATO and EU levels; and, most recently, working at EDF HQ cyber security branch. Her master’s thesis, titled “Educational Computer Game for Cyber Security: A Game Concept”, focused on using games in the teaching of cyber security.  She is currently completing Ph.D.-level studies, focusing on journey mapping and its application in understanding and solving cyber incidents.


University of Warwick Coventry
United Kingdom

Bil Hallaq is a cyber security researcher with more than 15 years of academic, commercial and industrial experience. He previously spent several years handling and mitigating against various security threats and vulnerabilities within commercial environments. He is delivering on various projects including: the identification and application of novel techniques for OSINT, EU E-CRIME Project - comprised of several European partners including Interpol where he is working with partners on understanding criminal structures and mapping cybercriminal activities to produce and recommend effective countermeasures. His other applied research areas include identifying methods and techniques for cross border cyber attack attribution, mitigation at scale of complex multi-jurisdictional cyber events, and,  maritime  and  rail  cyber  security.  He  holds several professional qualifications including: penetration testing, incident response, malware investigation, digital forensics investigation amongst others.

Photo of Tim Watson

University of Warwick
Coventry, United Kingdom

Professor Tim Watson is the Director  of  the  Cyber Security Centre at WMG within the University of Warwick, Coventry, UK. He has more than 25 years’ experience in the computing industry and in academia and has been involved with a wide range of computer systems on several high-profile projects. In addition, he has served as a consultant for some of the largest telecoms, power, and oil companies. He is an adviser to various parts of the UK government and to several professional and standards bodies. His current research includes EU-funded projects on combating cyber-crime; UK MoD research into automated defence, insider threat, and secure remote working; and, EPSRC-funded research, focusing on the protection of critical national infrastructure against cyber-attack. He is a regular media commentator on digital forensics and cyber security.


Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.
















Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455