Future developments in standardisation of cyber risk in the Internet of Things (IoT)
Petar Radanliev, David C De Roure, Jason RC Nurse, Rafael Mantilla, Montalvo, Stacy Cannady, Omar Santos, Peter Burnap, Carsten Maple

TL;DR
This paper introduces a new model for assessing the economic impact of IoT cyber risks by adapting existing standards through a novel design process and new risk assessment vectors tailored for IoT environments.
Contribution
It presents a new impact assessment model for IoT cyber risk, incorporating a design process and specific risk vectors, filling gaps in current standards.
Findings
Identified gaps in current cyber risk standards for IoT
Developed a new impact assessment model for IoT cyber risk
Proposed design principles for future cyber risk standards
Abstract
In this research article, we explore the use of a design process for adapting existing cyber risk assessment standards to allow the calculation of economic impact from IoT cyber risk. The paper presents a new model that includes a design process with new risk assessment vectors, specific for IoT cyber risk. To design new risk assessment vectors for IoT, the study applied a range of methodologies, including literature review, empirical study and comparative study, followed by theoretical analysis and grounded theory. An epistemological framework emerges from applying the constructivist grounded theory methodology to draw on knowledge from existing cyber risk frameworks, models and methodologies. This framework presents the current gaps in cyber risk standards and policies, and defines the design principles of future cyber risk impact assessment. The core contribution of the article…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
