The use of Internet of Things (IoT) devices within the home has become more popular in recent years and with the COVID-19 pandemic more employees are working from home. Risk management has become decentralised, which is problematic for organisations since potential risks towards the company can not be controlled in a standardised and formal way. On the other side, users are suffering from smart home attacks due to the nature of IoT such as its heterogeneity and non-standardised architecture. However, the behaviour and attitudes of the user can dictate the increase or decrease of risk and possible losses due to the end user's responsibility within the IoT life cycle. In this paper, we suggest that a user's behaviour and attitude towards IoT devices within the smart home is imperative when designing a risk model for the home. We then consider the human element in the risk assessment process in IoT. We present a Smart Home Behaviour and Attitude Risk Model (SH-BARM) to discuss the importance of human behaviour and attitudes within the home and propose a solution to that will aid smart home inhabitants and organisations.CCS Concepts: • Security and privacy → Human and societal aspects of security and privacy.
Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services. Here, we provide a review of current research on the cyber threats to communication, sensing, information management and vehicular technologies used in emergency management. We emphasise on open issues for research, which are the cyber threats that have the potential to affect emergency management severely and for which solutions have not yet been proposed in the literature.
Research in the context of user awareness has shown that smart-home occupants often lack cybersecurity awareness even when it comes to frequently used technologies such as online social networks and email. To cope with the risks, smart-homes must be equipped with adequate cybersecurity measures besides the knowledge and time required by smarthome occupants to implement security measures. In this paper, we explore potential threats in AI-powered smart-homes and identify a list of cybersecurity controls required to mitigate their potential impact considering attack vectors, as well as the time and knowledge required to implement a control. We use optimisation to identify the best set of controls to minimise the risk exposure considering these metrics. Our comparative analysis against a random selection approach highlight that our approach is at least 25% better at minimising risk. Finally, we show how improved knowledge or time impacts the risk.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.