Objective
IT security and risk management often ignore or underestimate the human factor (psychological, behavioural, societal, organisational and economic aspects) in the identification of cyber-risks, their quantitative economic impact and the costs of countermeasures. Cyber-attacks can harm intangible assets like reputation, IPR, expertise, and know-how. And there is severe imbalance between the efficiency of attacks and inadequate defences, due in part to the lack of quantitative information for decision makers to prioritise security investments.
To foster a culture of risk management by an individual organisation or a complete sector, HERMENEUT answers: What is the real fallout of a data compromise and the long-run consequences on associated assets? What are the losses for intangible assets? Do other type of attacks (beyond data breach) severely impact intangible and tangible assets?
HERMENEUT assesses vulnerabilities of organisations and corresponding tangible and intangible assets at risk, taking into account the business plans of the attacker, the commoditisation level of the target organisations, the exposure of the target and including human factors as well as estimating the likelihood that a potential cyber-attack exploits identified vulnerabilities. HERMENEUT’s cyber-security cost-benefit approach combines integrated assessment of vulnerabilities and their likelihoods with an innovative macro- and micro-economic model for intangible costs, delivering a quantitative estimation of the risks for an organisation or a business sector and investment guidelines for mitigation measures. 11 partners from 6 countries deliver an innovative methodology and advanced macro- and micro-economic models and make it available to the European research community. HERMENEUT implements its innovations in a decision support tool, tested with 2 users in healthcare and an IPR-intensive industry.
Field of science
- /natural sciences/computer and information sciences/computer security
- /social sciences/sociology/governance/crisis management
- /social sciences/economics and business/economics
Programme(s)
Call for proposal
H2020-DS-SC7-2016
See other projects for this call
Funding Scheme
RIA - Research and Innovation actionCoordinator
00144 Roma
Italy
Participants (11)
20126 Milano
Participation ended
OX2 9HQ Oxford
00193 Roma
Participation ended
E1 1LF London
50141 Firenze
NW1 2RA London
14482 Potsdam
91190 Saint Aubin
1000 Bruxelles
77102 Ashdod
16121 Genova