“Enterprises intangible Risk Management via Economic models based on simulation of modern cyber attacks”


HERMENEUT is a research and innovation project focusing on economics of cyber security. Cyberattacks can harm intangible assets like reputation, Intellectual Property Rights, expertise, and know-how. There is a great disparity between the efficiency of attacks and inadequate defences, partly due to the lack of quantitative information for decision makers to prioritise security investments.

Fostering a culture of risk management, HERMENEUT provides individual organisations as well as business sectors with an innovative methodology for the dynamic assessment of their vulnerabilities and corresponding tangible and intangible assets at risk.


Our Approach

Therefore, the challenging overall goal of HERMENEUT was to create a holistic, dynamic cybersecurity risk assessment model and approach to cost-benefit analysis that:

  1. starts from an integrated assessment of vulnerabilities of organisations, including human factors cybersecurity assessment, and their likelihoods,
  2. exploits an innovative macro- and microeconomic model to estimate the consequences of cyberattacks for intangible costs,
  3. ends with a cybersecurity risk assessment of tangible and intangible assets for an organisation or a business sector, and
  4. is followed by guidelines able to support decisions related to cybersecurity investments on hard and soft measures to mitigate the loss of an enterprise’s integrity.

The project was coordinated by Engineering (Italy) and ZenaByte was leading the WP4 “Risk based cost & benefit framework” aimed at to designing and developing the holistic, dynamic risk assessment model and related methodology.

This project has received funding under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740322