Future developments in standardisation of cyber risk in the Internet of Things (IoT)

Radanliev, Petar; Roure, David C. De; Nurse, Jason R. C.; Montalvo, Rafael Mantilla; Cannady, Stacy; Santos, Omar; Maddox, La’Treall; Burnap, Pete; Maple, Carsten

doi:10.1007/s42452-019-1931-0

Cited by 70 publications

(61 citation statements)

References 112 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Many similar models have been introduced and never used because reliable data could not be found. Furthermore, in terms of the (un)availability of data, lessons can be learned from previous research on data strategies [39]. The volume of data generated creates diverse challenges for developing data strategies in a variety of verticals (ex.…”

Section: Discussionmentioning

confidence: 99%

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Radanliev¹

2020

Preprint

Self Cite

View full text Add to dashboard Cite

This paper surveys deep learning algorithms, IoT cyber security and risk models, and established mathematical formulas to identify the best approach for developing a dynamic and self-adapting system for predictive cyber risk analytics supported with Artificial Intelligence and Machine Learning and real-time intelligence in edge computing. The paper presents a new mathematical approach for integrating concepts for cognition engine design, edge computing and Artificial Intelligence and Machine Learning to automate anomaly detection. This engine instigates a step change by applying Artificial Intelligence and Machine Learning embedded at the edge of IoT networks, to deliver safe and functional real-time intelligence for predictive cyber risk analytics. This will enhance capacities for risk analytics and assists in the creation of a comprehensive and systematic understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when Artificial Intelligence and Machine Learning technologies are migrated to the periphery of the internet and into local IoT networks.

show abstract

Section: Discussionmentioning

confidence: 99%

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Radanliev¹

2020

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Notable for this discussion, only FAIR 38 provides recommendations for quantitative risk estimation. To complete the risk assessment, the cyber risk from supply chains needs to be simplified 31,42,43 . To identify a current cyber risk state that includes supply chain cyber risks, the Exostar system 36 , can be used for complimenting the CVSS and covering the supply chain aspect of cyber risk.…”

Section: Empirical Analysis Of Gaps In Cyber Risk Impact Assessment Amentioning

confidence: 99%

“…To identify a current cyber risk state that includes supply chain cyber risks, the Exostar system 36 , can be used for complimenting the CVSS and covering the supply chain aspect of cyber risk. Further analysis, including SWAT and GAP analysis are considered beyond the scope of this conference paper, but can be found in other articles [43][44][45][46][47] .…”

Section: Empirical Analysis Of Gaps In Cyber Risk Impact Assessment Amentioning

confidence: 99%

“…The rationale is that different enterprises will have different cyber security steps to perform in order to transition to a higher maturity lever. A long and detailed list of steps can be found in some of our work in progress articles 42, 43,46 . For implementing the recommendations emerging from the transformational imperatives, we refer to the NIST cyber security implementation tiers as support guidance.…”

Section: Transformation Imperatives Describing How Iot Companies Can mentioning

confidence: 99%

See 1 more Smart Citation

Definition of Internet of Things (IoT) Cyber Risk – Discussion on a Transformation Roadmap for Standardisation of Regulations, Risk Maturity, Strategy Design and Impact Assessment

Radanliev¹,

Roure²,

Nurse³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

The Internet-of-Things (IoT) enables enterprises to obtain profits from data but triggers data protection questions and new types of cyber risk. Cyber risk regulations for the IoT however do not exist. The IoT risk is not included in the cyber security assessment standards, hence, often not visible to cyber security experts. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of its IoT cyber security posture. The outcome of such self-assessment needs to define a current and target state, prior to creating a transformation roadmap outlining tasks to achieve the stated target state. In this article, a comparative empirical analysis is performed of multiple cyber risk assessment approaches, to define a high-level potential target state for company integrating IoT devices and/or services. Defining a high-level potential target state represent is followed by a high-level transformation roadmap, describing how company can achieve their target state, based on their current state. The transformation roadmap is used to adapt IoT risk impact assessment with a Goal-Oriented Approach and the Internet of Things Micro Mart model.

show abstract

“…Further research is required into the topic of addressing strategy absence, because in such scenarios, the formulation would be difficult to implement. A series of publications follows this research 1,2,[11][12][13][14][15][16][17][18][19][20]3,[21][22][23][24][25][26][27][28][29][30]32…”

Section: Future Research Avenuesmentioning

confidence: 99%

Supply Chain Systems Architecture and Engineering Design: Green-Field Supply Chain Integration

Radanliev¹

2019

Preprint

Self Cite

View full text Add to dashboard Cite

This paper developed a new theory for supply chain architecture, and engineering design that enables integration of the business and supply chain strategies. The architecture starts with individual supply chain participants and derives insights into the complex and abstract concept of green-field integration design. The paper presented a conceptual system for depicting the interactions between business and supply chain strategy engineering. The system examines the decisions made when engineering the business strategy, with regards to the supply chain design. The system derived with a new understanding of how strategies are integrated, and what are the implications for engineering successful strategies. The study revealed that supply chain design is not considered in great detail before architecting the business strategies. Thus, companies consequentially experience supply chain problems that are likely to be detrimental to the growth potentials. The paper also derived with the findings that proactive and pre-emptive involvement of supply chain participants in the strategy engineering process, would lead to a more robust strategic design.

show abstract

Future developments in standardisation of cyber risk in the Internet of Things (IoT)

Cited by 70 publications

References 112 publications

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Definition of Internet of Things (IoT) Cyber Risk – Discussion on a Transformation Roadmap for Standardisation of Regulations, Risk Maturity, Strategy Design and Impact Assessment

Supply Chain Systems Architecture and Engineering Design: Green-Field Supply Chain Integration

Contact Info

Product

Resources

About

Future developments in standardisation of cyber risk in the Internet of Things (IoT)

Cited by 70 publications

References 112 publications

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Artificial Intelligence, Machine Learning and Real-time Probabilistic Data for Cyber Risk (Super) -forecasting: Red Teaming the Connected World (RETCON)

Definition of Internet of Things (IoT) Cyber Risk – Discussion on a Transformation Roadmap for Standardisation of Regulations, Risk Maturity, Strategy Design and Impact Assessment

Supply Chain Systems Architecture and Engineering Design:&nbsp;Green-Field Supply Chain Integration

Contact Info

Product

Resources

About

Supply Chain Systems Architecture and Engineering Design: Green-Field Supply Chain Integration