A Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era


SECONDO addresses the question “How can decisions about cyber security investments and cyber insurance pricing be optimized?”

SECONDO will support professionals who seek cyber security investments, developed to support human decision making, and a complete well-founded security strategy. This is a timely research problem, as the rapid growth of cyber-attacks is expected to continue its upwards trajectory. Such growth presents a prominent threat to normal business operations and the EU society itself. On the other hand, an interesting, well-known, finding is that an organisation’s computer systems may be less secure than a competitor’s, despite having spent more money in securing them. Budget setting, cyber security investment choices and cyber insurance, in the face of uncertainties, are highly challenging tasks with massive business implications.

SECONDO aims to make impact on the operation of EU businesses who often:

  • (i) have a limited cyber security budget;
  • (ii) ignore the importance of cyber insurance.

Cyber insurance can play a critical role to the mitigation of cyber risk. This can be done by imposing a cost on firms’ cyber risk through a premium that they have to pay and the potential for paying a smaller premium should they reduce their current cyber security risk. SECONDO has a cross-disciplinary nature, combining mathematical and engineering insights to empower innovative software. Apart from the novel research results, the project will offer a software platform to narrow the gap between theoretical understanding and practice.

To achieve this, the four industrial project partners will:

  • i) lead the part of the project where industrial needs will be entered as input to the requirements collection phase.
  • ii) provide their innovative software for risk assessment.

The three academic partners will work together to:

  • i) design and thoroughly describe the proposed methodologies.
  • ii) contribute to their software development.