The four pilot projects involved in the development of the European Cybersecurity Competence Network will present their plans and upcoming tools and services for SMEs in the Cyberwatching.eu webinar on the 2nd of April, 10:00 AM CEST
Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks
Project Hermeneut is a Horizon 2020 research and innovation project focusing on the economic aspects of cybersecurity, specially regarding intangible assets. It started in May 2017 and with a duration of 24 months it’s now approaching its end.
Hermeneut managed to address some critical topics in the cybersecurity area and to highlight its results Cyberwatching.eu is promoting it as project of the week from 18th to 24th of February.
Essentially, Hermeneut’s work can be split into two macro-activities: the development of the methodology and the development of a decision support tool to perform a risk self-assessment.
Where is innovation? First of all, the inclusion of intangible assets with an economic estimation for their losses in case of attack. Moreover, most of the established cyber-risk analysis methods provide little or no support for analysing changing and evolving risks or either strategies to support the management of organisations to determine when it is necessary to repeat the assessment. Project Hermeneut introduced an innovative approach based on weak signals correlation to do this.
Currently the most common way for end-users to make a risk assessment is to buy for an assessment by a Cybersecurity vendor or through the self-questionnaires online. The bigger companies already have complex tools to assess cyber risk and it is easy to find short inaccurate questionnaires for cyber risk assessment on the web too. With this in mind, Hermeneut developed a RATING tool (Risk Assessment Tool for INtegrated Governance), a very good compromise between simplicity and depth of risk analysis.
According to Project Hermeneut’s representatives there are a lot of references for data breaches but not enough about DDoS and other type of attacks. This could be caused by the absence of a regulation that would make mandatory the notification of authority for every cyber-attack (not only when personal data are affected [GDPR]). This is a practice that would substantially help the EC to better direct the research and funding programs towards the most economically significant impacts of a cyber-attack
To know more about the project you can visit their website: https://www.hermeneut.eu/
Read more about Cyberwatchingeu Project of the Week for 18-22 February 2019:
See more updates on our social media channels.