Project of the Week - HERMENEUT Project of the Week: HERMENEUT

Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks

A Dynamic Solution for Intangible Assets


Project Hermeneut is a Horizon 2020 research and innovation project focusing on the economic aspects of cybersecurity, specially regarding intangible assets. It started in May 2017 and with a duration of 24 months it’s now approaching its end.

Hermeneut managed to address some critical topics in the cybersecurity area and to highlight its results is promoting it as project of the week from 18th to 24th of February.

An holistic and dynamic approach

Essentially, Hermeneut’s work can be split into two macro-activities: the development of the methodology and the development of a decision support tool to perform a risk self-assessment.

Where is innovation? First of all, the inclusion of intangible assets with an economic estimation for their losses in case of attack. Moreover, most of the established cyber-risk analysis methods provide little or no support for analysing changing and evolving risks or either strategies to support the management of organisations to determine when it is necessary to repeat the assessment. Project Hermeneut introduced an innovative approach based on weak signals correlation to do this.


Accurate risk analysis for the end-users

Currently the most common way for end-users to make a risk assessment is to buy for an assessment by a Cybersecurity vendor or through the self-questionnaires online. The bigger companies already have complex tools to assess cyber risk and it is easy to find short inaccurate questionnaires for cyber risk assessment on the web too. With this in mind, Hermeneut developed a RATING tool (Risk Assessment Tool for INtegrated Governance), a very good compromise between simplicity and depth of risk analysis.


Hermeneut’s proposal for a solid EU cybersecurity

According to Project Hermeneut’s representatives there are a lot of references for data breaches but not enough about DDoS and other type of attacks. This could be caused by the absence of a regulation that would make mandatory the notification of authority for every cyber-attack (not only when personal data are affected [GDPR]). This is a practice that would substantially help the EC to better direct the research and funding programs towards the most economically significant impacts of a cyber-attack

To know more about the project you can visit their website:


Read more about Cyberwatchingeu Project of the Week for 18-22 February 2019:


See more updates on our social media channels.

Twittter: http://@cyberwatchingeu



PAPAYA: Platform for PrivAcY preserving data Analytics

PAPAYA: Platform for PrivAcY preserving data Analytics is one of the GDPR cluster projects that will help companies to follow a privacy-by-design approach & adopt #PrivacyEnhancingTechnologies to ensure their clients’ privacy is protected.

Future Events

Brussels - Second CW Concertation Meeting, 04/06/2019

Resilience. Deterrence. Defence – Calls to action for future cybersecurity and privacy policy
Concertation meeting of H2020 projects from unit "Cybersecurity & Privacy"


Join us at the second Concertation meeting, 04 June 2019!

Annual Privacy Forum 2019
13/06/2019 to 14/06/2019

LOCATION: LUISS Guido Carli - Rome, Italy

The event encourages dialog with panel discussions and provides room for exchange of ideas in between scientific sessions. Participate to the discussions during APF days, but also by being involved online on our community channels using #APF19

Even theme: