Summary
IT security and risk management often ignore or underestimate the human factor (psychological, behavioural, societal, organisational and economic aspects) in the identification of cyber-risks, their quantitative economic impact and the costs of countermeasures. Cyber-attacks can harm intangible assets like reputation, IPR, expertise, and know-how. And there is severe imbalance between the efficiency of attacks and inadequate defences, due in part to the lack of quantitative information for decision makers to prioritise security investments.
To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.
To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.
Unfold all
/
Fold all
More information & hyperlinks
| Web resources: | https://cordis.europa.eu/project/id/740322 |
| Start date: | 01-05-2017 |
| End date: | 30-06-2019 |
| Total budget - Public funding: | 2 007 692,50 Euro - 2 007 692,00 Euro |
Cordis data
Original description
IT security and risk management often ignore or underestimate the human factor (psychological, behavioural, societal, organisational and economic aspects) in the identification of cyber-risks, their quantitative economic impact and the costs of countermeasures. Cyber-attacks can harm intangible assets like reputation, IPR, expertise, and know-how. And there is severe imbalance between the efficiency of attacks and inadequate defences, due in part to the lack of quantitative information for decision makers to prioritise security investments.To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.
Status
CLOSEDCall topic
DS-04-2016Update Date
27-10-2022
Images
No images available.
Geographical location(s)
Search
Organisations
-
| Engineering Ingegneria Informatica S.p.A. (Coördinator)
-
| BRANDENBURGISCHES INSTITUT FUR GESELLSCHAFT UND SICHERHEIT GGMBH
-
| CEFRIEL - SOCIETA CONSORTILE A RESPONSABILITA LIMITATA
-
| DEDALUS ITALIA S.P.A.
-
| DEEP BLUE SRL (DEEP BLUE)
-
| Digital Catapult
-
| ELTA SYSTEMS LTD
-
| ENGINEERING INTERNATIONAL BELGIUM SA
-
| EUROPEAN ORGANISATION FOR SECURITY
-
| PAGNANELLI RISK SOLUTIONS LIMITED
-
| PROPRS Ltd.
-
| UNIVERSITE PARIS-SACLAY
-
| ZENABYTE SRL