In this research article, we explore the use of a design process for adapting existing cyber risk assessment standards to allow the calculation of economic impact from IoT cyber risk. The paper presents a new model that includes a design process with new risk assessment vectors, specific for IoT cyber risk. To design new risk assessment vectors for IoT, the study applied a range of methodologies, including literature review, empirical study and comparative study, followed by theoretical analysis and grounded theory. An epistemological framework emerges from applying the constructivist grounded theory methodology to draw on knowledge from existing cyber risk frameworks, models and methodologies. This framework presents the current gaps in cyber risk standards and policies, and defines the design principles of future cyber risk impact assessment. The core contribution of the article therefore, being the presentation of a new model for impact assessment of IoT cyber risk. Keywords: Cyber risk; Internet of Things cyber risk; Internet of Things risk vectors;Standardisation of cyber risk assessment; Economic impact assessment. University of OxfordUniversity of Oxford 3 analysis to uncover the best method to define a unified cyber risk assessment. In section 7 we propose a new epistemological framework for cyber risk assessment standardisation and we discuss the new impact assessment principles. In Section 8 we present the conclusions and limitations of the research. METHODOLOGYThe methods applied in this study consist of literature review, comparative study, empirical analysis, theoretical and epistemological analysis and case study workshops. The selection of methodologies is based on their flexibility to be applied simultaneously to analyse the same research topic from different perspectives. We use practical studies of major projects in the I4.0 to showcase recent developments of IoT systems in the context of I4.0 high-tech strategies. We need practical studies to bridge the gaps, to assess the impact and overcome some of the cyber risk limitations and to construct the relationship between IoT and high-tech strategies. The proposed design principles support the process of building a holistic IoT cyber risk impact assessment model. Theoretical analysisThe methodology applies theoretical analysis through logical discourse of knowledge, also known as epistemological analysis. An epistemological analysis enables an investigation on how existing knowledge is justified and what makes justified beliefs justified (Steup, 2005), what does it mean to say that we understand something (Wenning, 2009) and how do we understand that we understand.The methodology reported here has two objectives. The first objective is to enable an up-todate overview of existing and emerging cyber risk vectors from IoT advancements, which includes cyber-physical systems, the industrial Internet of things, cloud computing and cognitive computing (MEICA, 2015;Weyer et al., 2015;Liao et al., 2017). If we were performing a vector specific analysis of r...
Although the strongest social relationships feature most prominently in our lives, we also maintain a multitude of much weaker connections: the distant colleagues that we share a coffee with in the afternoon; the waitress at a our regular sandwich bar; or the 'familiar stranger' we meet each morning on the way to work. These are all examples of weak relationships which have a strong spatial-temporal component but with few support systems available. This paper explores the idea of 'Co-presence Communities' -a probabilistic definition of groups that are regularly collocated togetherand how they might be used to support weak social networks. An algorithm is presented for mining the Copresence Community definitions from data collected by Bluetooth-enabled mobile phones. Finally, an example application is introduced which utilises these communities for disseminating information.
In this paper we present an understanding of cyber risks in the Internet of Things (IoT), we explain why it is important to understand what IoT cyber risks are and how we can use risk assessment and risk management approaches to deal with these challenges. We introduce the most effective ways of doing Risk assessment and Risk Management of IoT risk. As part of our research, we also developed methodologies to assess and manage risk in this emerging environment. This paper will take you through our research and we will explain: what we mean by the IoT; what we mean by risk and risk in the IoT; why risk assessment and risk management are important; the IoT risk management for incident response and recovery; what open questions on IoT risk assessment and risk management remain.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.