Asian Journal of Research in Computer Science

This study investigates policy responses to strengthening cyber resilience in the face of expanding global threats, using U.S.–China cyber dynamics as a reference case. Four open datasets were employed: Verizon Data Breach Investigations Report (DBIR), CISA Known Exploited Vulnerabilities (KEV) Catalogue, ENISA Threat Landscape Reports, and the (ISC)² Cybersecurity Workforce Study to generate quantitative insights that connect technical evidence to policy outcomes. The analysis applied ARIMA modelling for forecasting incident trends, Pareto concentration analysis for identifying critical vulnerability clusters, and a Difference-in-Differences regression to evaluate the effectiveness of the European Union’s NIS2 directive. Findings reveal that state-sponsored cyber incidents have risen sharply from 130 in 2013 to a projected 535 by 2027, with 20% of technologies accounting for over 70% of exploited vulnerabilities. The NIS2 directive demonstrated an 18% reduction in post-policy incidents across the EU compared to continued increases in the United States, underscoring the value of structured regulatory intervention. Additionally, the study emphasises Zero Trust architecture as a cornerstone of modern resilience, highlighting its potential to contain adversarial movement and reduce systemic exposure. The results provide actionable insights for policymakers, regulators, and security leaders seeking evidence-based approaches to improve governance, reporting frameworks, and international coordination. Ultimately, this research advances the understanding of how data-driven policy design anchored in Zero Trust principles and cross-jurisdictional governance, such as NIS2, can reinforce global cyber stability and foster a more resilient digital ecosystem.