Abstract

Along with the growing threat of cyberattacks, cybersecurity has become one of the most important areas of the Internet of Things (IoT). The purpose of IoT cybersecurity is to reduce cybersecurity risk for organizations and users through the protection of IoT assets and privacy. New cybersecurity technologies and tools provide potential for better IoT security management. However, there is a lack of effective IoT cyber risk management frameworks for managers. This paper reviews IoT cybersecurity technologies and cyber risk management frameworks. Then, this paper presents a four-layer IoT cyber risk management framework. This paper also applies a linear programming method for the allocation of financial resources to multiple IoT cybersecurity projects. An illustration is provided as a proof of concept.

Highlights

  • The Internet of Things (IoT) has created a new paradigm in which a network of machines and devices capable of communicating and collaborating with each other are driving new process innovations in enterprises [1]

  • The CMMI Cybermaturity Platform is aligned with leading frameworks such as International Organization for Standardization (ISO) 27001 and the National Institute of Standards and Technology (NIST) Cybersecurity Framework

  • The frameworks do not provide any guide on how cFyutbuererIsnetcerunretit2y02i0n, v12e,sxtmFOeRnPtEcEaRnRbEVeImEWade for each cybersecurity project and how financial resou6 rocfe2s1 can be allocated among multiple cybersecurity projects

Read more

Summary

Introduction

The Internet of Things (IoT) has created a new paradigm in which a network of machines and devices capable of communicating and collaborating with each other are driving new process innovations in enterprises [1]. Only 35% of survey participants report that they have an IoT security strategy in place and, of those, only 28% report that they implemented it Another survey shows that 80% of organizations experienced cyberattacks on their IoT devices in the past year [7]. It finds that 26% of the organizations did not use security protection technologies. These two surveys demonstrate the security limitations many IoT devices have and the need for organizations to move proactively to invest in IoT cybersecurity. Despite weak security measures, existing risk assessment methods are not appropriate for dynamic systems such as the IoT [8]. An illustration of the IoT cyber risk management for a hotel smart room provides the proof of concept of the risk assessment

Cybersecurity in IoT Architecture
Cybersecurity at the Perception Layer
Cybersecurity at the Network Layer
Cybersecurity at the Processing Layer
Cybersecurity at the Application Layer
Cybersecurity at the Service Management Layer
Literature Review on Cybersecurity Risk Management
Qualitative Approaches to Cybersecurity Risk Management
Quantitative Approaches to Cybersecurity Risk Management
Evaluation of the Literature
IoT Cyber Ecosystem Layer
IoT Cybersecurity Technology Developers
External Users and Customers
Adversaries
Governments
Standardization Organizations
IoT Cyber Infrastructure Layer
Organization
Cybersecurity Technologies
IoT Cyber Risk Assessment Layer
Risk Identification
Risk Quantification
Resource Allocation
IoT Cyber Performance Layer
Implementation
Monitoring and Control
Continuous Improvement
IoT-Based Smart Room
Conclusions

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Internet of Things, Security of Data, and Cyber Security
Albérico Travassos Rosário
-
Albérico Travassos RosárioAlbérico Travassos Rosário
04 Mar 2022
Cyber-Security in the Internet of Things
Snehal A Bhosale ... S S Sonavane
-
Snehal A Bhosale, et. al.Snehal A Bhosale ... S S Sonavane
23 Aug 2022
IoT Cyber Security
Brian Russell
-
Brian RussellBrian Russell
01 Jan 2020
Strong reasons make strong actions: What Shakespeare’s ‘King John’ can teach us about the Internet of Things
Hanane Taidi
Cyber Security: A Peer-Reviewed Journal | VOL. 8
Hanane TaidiHanane Taidi
01 Sep 2024
View more papers

More From: Future Internet

Paper Title
Journal
Date
Author
Connection-Aware Digital Twin for Mobile Adhoc Networks in the 5G Era
Manuel Jesús-Azabal ... Vasco N G J Soares
Future Internet | VOL. 16
Manuel Jesús-Azabal, et. al.Manuel Jesús-Azabal ... Vasco N G J Soares
30 Oct 2024
Deep Reinforcement Learning for UAV-Based SDWSN Data Collection
Pejman A Karegar ... Peter Han Joo Chong
Future Internet | VOL. 16
Pejman A Karegar, et. al.Pejman A Karegar ... Peter Han Joo Chong
30 Oct 2024
Streaming and Elastic Traffic Service in 5G-Sliced Wireless Networks and Mutual Utilization of Guaranteed Resource Units
Yves Adou ... Yuliya Gaidamaka
Future Internet | VOL. 16
Yves Adou, et. al.Yves Adou ... Yuliya Gaidamaka
30 Oct 2024
Cybersecurity Maintenance in the Automotive Industry Challenges and Solutions: A Technology Adoption Approach
Ignacio Fernandez De Arroyabe ... Iain Phillips
Future Internet | VOL. 16
Ignacio Fernandez De Arroyabe, et. al.Ignacio Fernandez De Arroyabe ... Iain Phillips
28 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.