Economic assessment of intangible assets is a topic still open to investigation for the research community. And a relevant one, considering that cyberattacks are targeting more and more a company’s intangible assets (i.e. invisible, yet pervasive resources of the socio-economic systems, like intellectual property rights, data and reputation). Being able to model and evaluate intangibles is crucial to estimate how cyberattacks impact them, a key information for companies to plan their cybersecurity investments.

Professor Ahmed Bounfour, president of the European Chair on Intangibles (Université Paris-Sud) and scientific coordinator of Hermeneut, summarizes in a set of short articles the main findings of the evaluation of the impact of cyberattacks on intangibles performed within Hermeneut. The articles explore:

  1. The effects of cyber-attacks on finance. Cyberattacks are increasing in numbers and sophistication, making more complex their global costs estimation. In order to help quantify these costs, the effects of cyber-attacks on the critical sector of finance were simulated, with the premise that cyberattacks perpetrated in a given sector result in a certain level of inoperability that cascades over other sectors, increasing economic losses.
  2. The effects of cyberattacks on listed firms. The impact of cyberattacks on financial markets was simulated in order to determine the effects of an economic event on firms’ value, as this is a recurring theme in economics and management sciences.
  3. The effects of cyberattacks on intangibles of firms. Intangibles of firms represent on average 80% of their assets, and have a high probability of being harmed in case of a cyberattack, causing financial losses. This final article summarizes the study of the impact of cyber-security events on firms’ intangible assets in different sectors.

These studies contribute to the economic assessment of the impact of cyberattacks on intangibles, and serve as a basis for Hermeneut’s dynamic risk-assessment and integrated governance tool, able to not only establish a company’s vulnerability level, but also to propose adequate countermeasures and support prioritisation of security investments through a holistic cost-benefit analysis.