Nowadays, Internet of Things (IoT) adoptions are burgeoning and deemed the lynchpin towards achieving ubiquitous connectivity. In this context, defining and leveraging robust IoT security risk management strategies are paramount for secure IoT adoptions. Thus, this study aims to support IoT adopters from any sector to formulate or reframe their IoT security risk management strategies to achieve robust strategies that effectively address IoT security issues. In a nutshell, this article relies on a mixed methods research methodology and proposes a reference model for IoT security risk management strategy. The proposed IoT security risk management strategy reference model (IoTSRM2) relies on the 25 selected IoT security best practices which are outlined using a proposed taxonomic hierarchy, and on the proposed three-phased methodology that consists of nine steps and outputs. The main contribution of this work is the proposed IoTSRM2 which consists of six domains, 16 objectives, and 30 prioritized controls. Furthermore, prior to providing the related work, this article provides a critical evaluation of selected informative references of IoTSRM2 based on their percentage-wise linkage to the IoTSRM2 domains and to the entire IoTSRM2. The findings of the critical evaluation illustrate, inter alia, the selected informative references that are the top three most and least linked to the entire IoTSRM2.
In the COVID-19 and post-pandemic business environment, leveraging robust Internet of Things (IoT) security risk management strategies becomes of particular importance to IoT adopters. Thus, given that no research study was found to exclusively focus on the current state of IoT security risk management strategies in organizations, this article aims to support IoT security practitioners to peer benchmark and enhance their IoT security risk management strategies. In a nutshell, this study relies on a mixed methods research methodology, and its main contribution is the determination of the current state of the IoT security risk management strategies in the surveyed organizations relative to our IoT Security Risk Management Strategy Reference Model (IoTSRM2). Hence, this study entails designing and conducting a survey, analyzing survey responses, and reporting survey results based on our IoTSRM2 and proposed three-phased survey methodology. Furthermore, before discussing the related work, this article provides our survey results for the surveyed large and small-medium organizations, the surveyed large organizations, and the surveyed large Technology, Media, and Telecom (TMT) organizations. For instance, our results reveal that while most surveyed organizations perform IoT risk assessments and focus on IoT infrastructure resilience, they fail in strategizing IoT governance and risk management, among others.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.