The specific objectives of CYBECO are:
- To overcome standard cybersecurity management methods based on risk matrices;
- To develop an actionable cybersecurity risk management model that:
- takes properly into account the intentionality of adversaries;
- incorporates cyber insurance in the risk management portfolio;
- incorporates structured expert judgement methodologies to deal with cases with little data;
- incorporates cyber security behavioral and psychological findings concerning threat agents and IT owners considering cyber risk management;
- facilitates optimal cyber security investments by IT owners;
- To develop the CYBECO Toolbox implementing our risk management modelling framework to provide evidence of good practice but also concepts and tools for evaluating and demonstrating the CYBECO cybersecurity models;
- To validate and consolidate models and tools through behavioural experiments as well as by mobilising a community of users, experts and stakeholders (insurance companies, IT security companies, researchers and policy makers) for the demonstration and validation of CYBECO models and their further development;
- To constitute a platform for sharing information, data, experiences and expertise, to further existing knowledge by developing new approaches, methodologies and tools, and facilitate cross-national discussion and cooperation;
- To provide policy recommendations complementary to directives and standards, identifying possible gaps;
- To disseminate project activities and results and to diffuse knowledge created so as to enhance market potential;
- To develop a business plan for the exploitation of results.