Driven by market needs, SECONDO proposes a unique, scalable, highly interoperable Economics-of-Security-as-a-Service (ESaaS) platform that encompasses a comprehensive cost-driven methodology for: (i) estimating cyber risks based on a quantitative approach that focuses on both technical and non-technical aspects, (e.g. users behaviour), that influence cyber exposure; (ii) providing analysis for effective and efficient risk management by recommending optimal investments in cyber security controls; and (iii) determining the residual risks and estimating the cyber insurance premiums taking into account the insurer’s business strategy, while eliminating the information asymmetry between the insured and insurer. With the capabilities mentioned above, the SECONDO platform will establish a new paradigm in risk management for enterprises of various sizes, with respect to the GDPR framework, while it will enable formal and verifiable methodologies for insurers that require estimating premiums.