HERMENEUT | Enterprises intangible Risks Management via Economic models based on simulatioN of modErn cyber-aTtacks

Summary
IT security and risk management often ignore or underestimate the human factor (psychological, behavioural, societal, organisational and economic aspects) in the identification of cyber-risks, their quantitative economic impact and the costs of countermeasures. Cyber-attacks can harm intangible assets like reputation, IPR, expertise, and know-how. And there is severe imbalance between the efficiency of attacks and inadequate defences, due in part to the lack of quantitative information for decision makers to prioritise security investments.
To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: https://cordis.europa.eu/project/id/740322
Start date: 01-05-2017
End date: 30-06-2019
Total budget - Public funding: 2 007 692,50 Euro - 2 007 692,00 Euro
Cordis data

Original description

IT security and risk management often ignore or underestimate the human factor (psychological, behavioural, societal, organisational and economic aspects) in the identification of cyber-risks, their quantitative economic impact and the costs of countermeasures. Cyber-attacks can harm intangible assets like reputation, IPR, expertise, and know-how. And there is severe imbalance between the efficiency of attacks and inadequate defences, due in part to the lack of quantitative information for decision makers to prioritise security investments.
To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.

Status

CLOSED

Call topic

DS-04-2016

Update Date

27-10-2022
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all
Horizon 2020
H2020-EU.3. SOCIETAL CHALLENGES
H2020-EU.3.7. Secure societies - Protecting freedom and security of Europe and its citizens
H2020-EU.3.7.4. Improve cyber security
H2020-DS-SC7-2016
DS-04-2016 Economics of Cybersecurity