Cargando…
Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge
The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respon...
| Autores principales: | , , , , , , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Springer US
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7680653/ https://www.ncbi.nlm.nih.gov/pubmed/33251087 http://dx.doi.org/10.1007/s10669-020-09792-x |
| _version_ | 1783612477275111424 |
|---|---|
| author | Radanliev, Petar De Roure, David Van Kleek, Max Ani, Uchenna Burnap, Pete Anthi, Eirini Nurse, Jason R. C. Santos, Omar Montalvo, Rafael Mantilla Maddox, La’Treall |
| author_facet | Radanliev, Petar De Roure, David Van Kleek, Max Ani, Uchenna Burnap, Pete Anthi, Eirini Nurse, Jason R. C. Santos, Omar Montalvo, Rafael Mantilla Maddox, La’Treall |
| author_sort | Radanliev, Petar |
| collection | PubMed |
| description | The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture. |
| format | Online Article Text |
| id | pubmed-7680653 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | Springer US |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-76806532020-11-23 Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge Radanliev, Petar De Roure, David Van Kleek, Max Ani, Uchenna Burnap, Pete Anthi, Eirini Nurse, Jason R. C. Santos, Omar Montalvo, Rafael Mantilla Maddox, La’Treall Environ Syst Decis Article The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture. Springer US 2020-11-22 2021 /pmc/articles/PMC7680653/ /pubmed/33251087 http://dx.doi.org/10.1007/s10669-020-09792-x Text en © The Author(s) 2020 https://creativecommons.org/licenses/by/4.0/Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) . |
| spellingShingle | Article Radanliev, Petar De Roure, David Van Kleek, Max Ani, Uchenna Burnap, Pete Anthi, Eirini Nurse, Jason R. C. Santos, Omar Montalvo, Rafael Mantilla Maddox, La’Treall Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title | Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title_full | Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title_fullStr | Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title_full_unstemmed | Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title_short | Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| title_sort | dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7680653/ https://www.ncbi.nlm.nih.gov/pubmed/33251087 http://dx.doi.org/10.1007/s10669-020-09792-x |
| work_keys_str_mv | AT radanlievpetar dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT derouredavid dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT vankleekmax dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT aniuchenna dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT burnappete dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT anthieirini dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT nursejasonrc dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT santosomar dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT montalvorafaelmantilla dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge AT maddoxlatreall dynamicrealtimeriskanalyticsofuncontrollablestatesincomplexinternetofthingssystemscyberriskattheedge |