The HERMENEUT Project: Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks

Enrico Frumento, Carlo Dambra

Abstract

This paper presents the funding principles of the HERMENEUT H2020 EU project (www.hermeneut.eu), whose objective is to assess cyber-risk and valuing consequences on both tangible and intangible assets. HERMENEUT innovates with a unique cyber-security cost-benefit analysis approach that combines current attack trends, integrated assessment of vulnerabilities and likelihoods of cyber-attacks with an innovative macro- and microeconomic model of intangible costs, to deliver risk estimations for individual organisations, sectors and the economy. It then suggests options to both apportion cyber-security budget on multiple mitigations and transfer non-tolerable residual risks to cyber-insurance. HERMENEUT also provides a decision support tool to stakeholders and validates it in two industries belonging to two sectors increasingly under cyber-attack: health-care and an Intellectual Property-intensive sector. The HERMENEUT project is now in its second year of life, heading to the proof of the theoretical funding assumptions in the field-tests.

Download


Paper Citation


in Harvard Style

Frumento E. and Dambra C. (2019). The HERMENEUT Project: Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 495-502. DOI: 10.5220/0007413504950502


in Bibtex Style

@conference{icissp19,
author={Enrico Frumento and Carlo Dambra},
title={The HERMENEUT Project: Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={495-502},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007413504950502},
isbn={978-989-758-359-9},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - The HERMENEUT Project: Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks
SN - 978-989-758-359-9
AU - Frumento E.
AU - Dambra C.
PY - 2019
SP - 495
EP - 502
DO - 10.5220/0007413504950502