Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Pete Burnap ◽  
Omar Santos

Abstract: The Internet-of-Things (IoT) triggers data protection questions and new types of cyber risks. Cyber risk regulations for the IoT, however, are still in their infancy. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of their IoT cyber security posture. At present, there are no self-assessment methods for quantifying IoT cyber risk posture. It is considered that the IoT represents a complex system with too many uncontrollable risk states for quantitative risk assessment. To enable quantitative risk assessment of uncontrollable risk states in complex and coupled IoT systems, a new epistemological equation is designed and tested through comparative and empirical analysis. The comparative analysis is conducted on national digital strategies, followed by an empirical analysis of cyber risk assessment approaches. The results from the analysis present the current and a target state for IoT systems, followed by a transformation roadmap, describing how IoT systems can achieve the target state with a new epistemological analysis model. The new epistemological analysis approach enables the assessment of uncontrollable risk states in complex IoT systems—which begin to resemble artificial intelligence—and can be used for a quantitative self-assessment of IoT cyber risk posture.

Author(s):  
Petar Radanliev ◽  
David Charles De Roure ◽  
Jason R.C. Nurse ◽  
Pete Burnap ◽  
Eirini Anthi ◽  
...  

The Internet-of-Things (IoT) enables enterprises to obtain profits from data but triggers data protection questions and new types of cyber risk. Cyber risk regulations for the IoT, however, do not exist. IoT risk is not included in the cyber security assessment standards and hence is often not visible to cyber security experts. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of their IoT cyber security posture. The outcome of such a self-assessment needs to define a current and a target state, prior to creating a transformation roadmap outlining tasks to achieve the stated target state. In this article, a comparative empirical analysis is performed of multiple cyber risk assessment approaches, to define a high-level potential target state for companies integrating IoT devices and/or services. Defining a high-level potential target state is followed by a high-level transformation roadmap, describing how companies can achieve their target state, based on their current state. The transformation roadmap is used to adapt IoT risk impact assessment with a Goal-Oriented Approach and the Internet of Things Micro Mart model. The main contributions of this paper are a transformation roadmap for standardisation of IoT risk impact assessment, and transformation design imperatives describing how IoT companies can achieve their target state based on their current state with a Goal-Oriented Approach. These are verified by an epistemological analysis defining a unified cyber risk assessment approach. They can be used for calculating the economic impact of cyber risk; for an international cyber risk assessment approach; for quantifying cyber risk; and for planning for the impact of cyber-attacks, e.g. cyber insurance.
The new methods presented in this paper for applying the roadmap include: IoT Risk Analysis through Functional Dependency; Network-based Linear Dependency Modelling; IoT risk impact assessment with a Goal-Oriented Approach; and a correlation between the Goal-Oriented Approach and the IoTMM model.


Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Jason R.C. Nurse ◽  
Pete Burnap ◽  
Eirini Anthi ◽  
...  

The Internet-of-Things (IoT) enables enterprises to obtain profits from data but triggers data protection questions and new types of cyber risk. Cyber risk regulations for the IoT, however, do not exist. IoT risk is not included in the cyber security assessment standards and hence is often not visible to cyber security experts. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of their IoT cyber security posture. The outcome of such a self-assessment needs to define a current and a target state, prior to creating a transformation roadmap outlining tasks to achieve the stated target state. In this article, a comparative empirical analysis is performed of multiple cyber risk assessment approaches, to define a high-level potential target state for companies integrating IoT devices and/or services. Defining a high-level potential target state is followed by a high-level transformation roadmap, describing how companies can achieve their target state, based on their current state. The transformation roadmap is used to adapt IoT risk impact assessment with a Goal-Oriented Approach and the Internet of Things Micro Mart model.


Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Max Van Kleek ◽  
Uchenna Ani ◽  
Pete Burnap ◽  
...  

Abstract: The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture, this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis are presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture.


Author(s):  
Petar Radanliev ◽  
David Charles De Roure ◽  
Carsten Maple ◽  
Jason R.C. Nurse ◽  
Razvan Nicolescu ◽  
...  

In this paper we present an understanding of cyber risks in the Internet of Things (IoT). We explain why it is important to understand what IoT cyber risks are and how we can use risk assessment and risk management approaches to deal with these challenges. We introduce the most effective ways of doing risk assessment and risk management of IoT risk. As part of our research, we also developed methodologies to assess and manage risk in this emerging environment. This paper will take you through our research and we will explain: what we mean by the IoT; what we mean by risk and risk in the IoT; why risk assessment and risk management are important; the IoT risk management for incident response and recovery; and what open questions on IoT risk assessment and risk management remain.


2018 ◽  
Vol 102 ◽  
pp. 14-22 ◽  
Author(s):  
Petar Radanliev ◽  
David Charles De Roure ◽  
Razvan Nicolescu ◽  
Michael Huth ◽  
Rafael Mantilla Montalvo ◽  
...  

2021 ◽  
Author(s):  
Mohammed Hussein ◽  
Lawrence J. Trautman ◽  
Louis Ngamassi ◽  
Mason Molesky

Author(s):  
Сергей Александрович Ермаков ◽  
Андрей Сергеевич Тулинов ◽  
Андрей Александрович Болгов ◽  
Валерий Константинович Власов

This article proposes a method for improving the security of Internet of Things networks and end devices against attacks aimed at violating the confidentiality of information and authentication procedures, by introducing new uncertified security protocols and creating methodological support for assessing the risk of such attacks succeeding. The security protocols of Internet of Things technology were modeled and analyzed using a specialized modeling tool. Using the simulation results, the risk of successful attacks aimed at violating the confidentiality of information and the authentication procedure was calculated for all the protocols presented in this work. Based on the obtained values, a comparison of the security protocols was performed. The results of this work will simplify the development and implementation of new security protocols for Internet of Things technology.


Author(s):  
Javier Vidal-García ◽  
Marta Vidal ◽  
Rafael Hernandez Barros

The evolution of big data and new techniques related to the processing and analysis of large databases is revolutionizing the management of companies in the age of the Internet of Things (IoT). In this chapter, we examine the possibilities of big data to improve the services offered by companies and the customer experience and increase the efficiency of these companies. Companies must accept the challenge of self-assessment and measure the barriers that threaten to prevent them from reaching the maximum potential derived from big data and analytics. The combination of big data and computational business intelligence will completely change processes, logistics and distribution strategies, the choice of marketing channels and any aspect of the production and marketing of products and services. A case of GE is presented to showcase the use of the IoT and big data. All companies, regardless of size or sector, will improve their business operations due to big data generated from social media and IoT applications and its use in computational business intelligence.

