Abstract
Nowadays, Internet of Things (IoT) adoptions are burgeoning and deemed the lynchpin towards achieving ubiquitous connectivity. In this context, defining and leveraging robust IoT security risk management strategies are paramount for secure IoT adoptions. Thus, this study aims to support IoT adopters from any sector to formulate or reframe their IoT security risk management strategies to achieve robust strategies that effectively address IoT security issues. In a nutshell, this article relies on a mixed methods research methodology and proposes a reference model for IoT security risk management strategy. The proposed IoT security risk management strategy reference model (IoTSRM2) relies on the 25 selected IoT security best practices which are outlined using a proposed taxonomic hierarchy, and on the proposed three-phased methodology that consists of nine steps and outputs. The main contribution of this work is the proposed IoTSRM2 which consists of six domains, 16 objectives, and 30 prioritized controls. Furthermore, prior to providing the related work, this article provides a critical evaluation of selected informative references of IoTSRM2 based on their percentage-wise linkage to the IoTSRM2 domains and to the entire IoTSRM2. The findings of the critical evaluation illustrate, inter alia, the selected informative references that are the top three most and least linked to the entire IoTSRM2.
Highlights
Cybersecurity spending is primarily driven by the need to face the proliferation of cyber threats [1], the fear of non-compliance with domestic and cross-border cybersecurity regulations [2], and the want to embark on the digitalization rush at the cost of wider attack surface [3]
Manufacturing: This study focuses on Smart Manufacturing organizations and applies to operators, manufacturers, and users of Industrial Internet of Things (IIoT)
It provides an illustrative overview of the proposed IoTSRM2
Summary
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. Cybersecurity spending is primarily driven by the need to face the proliferation of cyber threats [1], the fear of non-compliance with domestic and cross-border cybersecurity regulations [2], and the want to embark on the digitalization rush at the cost of wider attack surface [3]. These key drivers are highlighted in the studies conducted by. Giuca et al [4] and the Ponemon Institute [5]. Opportunity-driven organizations everywhere strive to keep pace with or even dominate the digital transformation (DX)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
