Cyberwatching.eu Project of the Week: HERMENEUT

Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks

A Dynamic Solution for Intangible Assets

Project Hermeneut is a Horizon 2020 research and innovation project focusing on the economic aspects of cybersecurity, specially regarding intangible assets. It started in May 2017 and with a duration of 24 months it’s now approaching its end.

Hermeneut managed to address some critical topics in the cybersecurity area and to highlight its results Cyberwatching.eu is promoting it as project of the week from 18th to 24th of February.

An holistic and dynamic approach

Essentially, Hermeneut’s work can be split into two macro-activities: the development of the methodology and the development of a decision support tool to perform a risk self-assessment.

Where is innovation? First of all, the inclusion of intangible assets with an economic estimation for their losses in case of attack. Moreover, most of the established cyber-risk analysis methods provide little or no support for analysing changing and evolving risks or either strategies to support the management of organisations to determine when it is necessary to repeat the assessment. Project Hermeneut introduced an innovative approach based on weak signals correlation to do this.

Accurate risk analysis for the end-users

Currently the most common way for end-users to make a risk assessment is to buy for an assessment by a Cybersecurity vendor or through the self-questionnaires online. The bigger companies already have complex tools to assess cyber risk and it is easy to find short inaccurate questionnaires for cyber risk assessment on the web too. With this in mind, Hermeneut developed a RATING tool (Risk Assessment Tool for INtegrated Governance), a very good compromise between simplicity and depth of risk analysis.

Hermeneut’s proposal for a solid EU cybersecurity

According to Project Hermeneut’s representatives there are a lot of references for data breaches but not enough about DDoS and other type of attacks. This could be caused by the absence of a regulation that would make mandatory the notification of authority for every cyber-attack (not only when personal data are affected [GDPR]). This is a practice that would substantially help the EC to better direct the research and funding programs towards the most economically significant impacts of a cyber-attack

To know more about the project you can visit their website: https://www.hermeneut.eu/

Read more about Cyberwatchingeu Project of the Week for 18-22 February 2019:

• Catalogue of Service:  https://www.cyberwatching.eu/services/catalogue-of-services/hermeneut-en...
• Events: https://www.cyberwatching.eu/events

See more updates on our social media channels.

Twittter: http://@cyberwatchingeu

LinkedIn: https://www.linkedin.com/in/cyber-watching/