The use of Internet of Things (IoT) devices within the home has become more popular in recent years and with the COVID-19 pandemic more employees are working from home. Risk management has become decentralised, which is problematic for organisations since potential risks towards the company can not be controlled in a standardised and formal way. On the other side, users are suffering from smart home attacks due to the nature of IoT such as its heterogeneity and non-standardised architecture. However, the behaviour and attitudes of the user can dictate the increase or decrease of risk and possible losses due to the end user's responsibility within the IoT life cycle. In this paper, we suggest that a user's behaviour and attitude towards IoT devices within the smart home is imperative when designing a risk model for the home. We then consider the human element in the risk assessment process in IoT. We present a Smart Home Behaviour and Attitude Risk Model (SH-BARM) to discuss the importance of human behaviour and attitudes within the home and propose a solution to that will aid smart home inhabitants and organisations.CCS Concepts: • Security and privacy → Human and societal aspects of security and privacy.
The Internet of Things (IoT) continues to grow at a rapid pace, becoming integrated into the daily operations of individuals and organisations. IoT systems automate crucial services within daily life that users may rely on, which makes the assurance of security towards entities such as devices and information even more significant. In this paper, we present a comprehensive survey of papers that model cyber risk management processes within the context of IoT, and provide recommendations for further work. Using 39 collected papers, we studied IoT cyber risk management frameworks against four research questions that delve into cyber risk management concepts and human-orientated vulnerabilities. The importance of this work being human-driven is to better understand how individuals can affect risk and the ways that humans can be impacted by attacks within different IoT domains. Through the analysis, we identified open areas for future research and ideas that researchers should consider.
The Internet of Things (IoT) continues to grow at a rapid pace, becoming integrated into the daily operations of individuals and organisations. IoT systems automate crucial services within daily life that users may rely on, which makes the assurance of security towards entities such as devices and information even more significant. In this paper, we present a comprehensive survey of papers that model cyber risk management processes within the context of IoT, and provide recommendations for further work. Using 39 collected papers, we studied IoT cyber risk management frameworks against four research questions that delve into cyber risk management concepts and human-orientated vulnerabilities. The importance of this work being human-driven is to better understand how individuals can affect risk and the ways that humans can be impacted by attacks within different IoT domains. Through the analysis, we identified open areas for future research and ideas that researchers should consider.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.