Future developments in cyber risk assessment for the internet of things

Radanliev, Petar and De Roure, David and Nicolescu, Razvan and Huth, Michael and Mantilla Montalvo, Rafael and Cannady, Stacy and Burnap, Peter (2018): Future developments in cyber risk assessment for the internet of things. Published in: Computers in Industry - https://doi.org/10.1016/j.compind.2018.08.002 No. 102 (2018) 14–22 (September 2018): pp. 14-22.

PDF
MPRA_paper_92567.pdf
Download (292kB)

Abstract

This article is focused on the economic impact assessment of Internet of Things (IoT) and its associated cyber risks vectors and vertices – a reinterpretation of IoT verticals. We adapt to IoT both the Cyber Value at Risk model, a well-established model for measuring the maximum possible loss over a given time period, and the MicroMort model, a widely used model for predicting uncertainty through units of mortality risk. The resulting new IoT MicroMort for calculating IoT risk is tested and validated with real data from the BullGuard's IoT Scanner (over 310,000 scans) and the Garner report on IoT connected devices. Two calculations are developed, the current state of IoT cyber risk and the future forecasts of IoT cyber risk. Our work therefore advances the efforts of integrating cyber risk impact assessments and offer a better understanding of economic impact assessment for IoT cyber risk.

Item Type:	MPRA Paper
Original Title:	Future developments in cyber risk assessment for the internet of things
English Title:	Future developments in cyber risk assessment for the internet of things
Language:	English
Keywords:	IoT cyber risk IoT risk analysis IoT cyber insurance IoT MicroMort Cyber value-at-risk
Subjects:	C - Mathematical and Quantitative Methods > C1 - Econometric and Statistical Methods and Methodology: General C - Mathematical and Quantitative Methods > C1 - Econometric and Statistical Methods and Methodology: General > C10 - General C - Mathematical and Quantitative Methods > C1 - Econometric and Statistical Methods and Methodology: General > C15 - Statistical Simulation Methods: General C - Mathematical and Quantitative Methods > C1 - Econometric and Statistical Methods and Methodology: General > C18 - Methodological Issues: General O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O30 - General O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O31 - Innovation and Invention: Processes and Incentives O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O32 - Management of Technological Innovation and R&D O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O33 - Technological Change: Choices and Consequences ; Diffusion Processes O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O35 - Social Innovation O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O38 - Government Policy O - Economic Development, Innovation, Technological Change, and Growth > O3 - Innovation ; Research and Development ; Technological Change ; Intellectual Property Rights > O39 - Other
Item ID:	92567
Depositing User:	Dr Petar radanliev
Date Deposited:	21 Mar 2019 14:25
Last Modified:	26 Sep 2019 18:34
References:	Nicolescu, R., Huth, M., Radanliev, P. and De Roure, D. (2018a) ‘Mapping the values of IoT’, Journal of Information Technology. Palgrave Macmillan UK, pp. 1–16. doi: 10.1057/s41265-018-0054-1. Nicolescu, R., Huth, M., Radanliev, P. and De Roure, D. (2018b) State of The Art in IoT - Beyond Economic Value. London. Available at: https://iotuk.org.uk/wp-content/uploads/2018/08/State-of-the-Art-in-IoT-–-Beyond-Economic-Value2.pdf (Accessed: 14 October 2018). Nurse, J. R. C., Radanliev, P., Creese, S. and De Roure, D. (2018) ‘Realities of Risk: “If you can”t understand it, you can’t properly assess it!’: The reality of assessing security risks in Internet of Things systems’, in Living in the Internet of Things: Cybersecurity of the IoT - 2018. 28 - 29 March 2018 \| IET London: Savoy Place: The Institution of Engineering and Technology, pp. 1–9. doi: 10.1049/cp.2018.0001. Radanliev, P. (2014) A conceptual framework for supply chain systems architecture and integration design based on practice and theory in the North Wales slate mining industry. British Library. doi: ISNI: 0000 0004 5352 6866. Radanliev, P. (2015a) ‘Architectures for Green-Field Supply Chain Integration’, Journal of Supply Chain and Operations Management. GB, 13(2). Available at: https://www.csupom.com/uploads/1/1/4/8/114895679/2015n5p5.pdf (Accessed: 11 August 2016). Radanliev, P. (2015b) ‘Engineering Design Methodology for Green-Field Supply Chain Architectures Taxonomic Scheme’, Journal of Operations and Supply Chain Management. GB, 8(2), pp. 52–66. doi: 10.12660/joscmv8n2p52-66. Radanliev, P. (2015c) ‘Green-field Architecture for Sustainable Supply Chain Strategy Formulation’, International Journal of Supply Chain Management. GB, 4(2), pp. 62–67. Available at: http://ojs.excelingtech.co.uk/index.php/IJSCM/article/view/1060/pdf (Accessed: 11 August 2016). Radanliev, P. (2016) ‘Supply Chain Systems Architecture and Engineering Design: Green-field Supply Chain Integration’, Operations and Supply Chain Management: An International Journal, 9(1). Available at: http://www.journal.oscm-forum.org/journal/abstract/oscm-volume-9-issue-1-2016/supply-chain-systems-architecture-and-engineering-design-green-field-supply-chain-integration (Accessed: 21 July 2017). Radanliev, P., Charles De Roure, D., Maple, C., Nurse, J. R. C., Nicolescu, R. and Ani, U. (2019) Cyber Risk in IoT Systems, Journal of Cyber Policy. University of Oxford. doi: 10.13140/RG.2.2.29652.86404. Radanliev, P., Charles De Roure, D., Nurse, J. R., Burnap, P., Anthi, E., Ani, U., Maddox, T., Santos, O. and Mantilla Montalvo, R. (no date) Definition of Internet of Things (IoT) Cyber Risk-Discussion on a Transformation Roadmap for Standardization of Regulations, Risk Maturity, Strategy Design and Impact Assessment. Available at: www.mdpi.com/journal/sensors. Radanliev, P., Charles De Roure, D., Nurse, J. R. C., Burnap, P. and Montalvo, R. M. (2019) Methodology for designing decision support supply chain systems for visualising and mitigating cyber risk from IoT technologies, Working paper. University of Oxford. doi: 10.13140/RG.2.2.32975.53921. Radanliev, P., De Roure, C. D., Nurse, .R.C., Nicolescu, R., Huth, M., Cannady, C. and Montalvo, R. M. (2018) ‘Integration of Cyber Security Frameworks, Models and Approaches for Building Design Principles for the Internet-of-things in Industry 4.0’, in Living in the Internet of Things: Cybersecurity of the IoT - 2018. London: IET, p. 41 (6 pp.)-41 (6 pp.). doi: 10.1049/cp.2018.0041. Radanliev, P., Roure, D. C. De, Nurse, J. R. C., Burnap, P., Anthi, E., Ani, U., Maddox, L., Santos, O. and Montalvo, R. M. (2019) Cyber risk from IoT technologies in the supply chain – decision support system for the Industry 4.0. University of Oxford. Radanliev, P., Roure, D. C. De, Nurse, J. R. C., Burnap, P., Anthi, E., Ani, U., Maddox, L., Santos, O. and Montalvo, R. M. (2019) Definition of Internet of Things (IoT) Cyber Risk – Discussion on a Transformation Roadmap for Standardisation of Regulations, Risk Maturity, Strategy Design and Impact Assessment. 201903.0080.v1. Oxford: Preprints. doi: 10.13140/RG.2.2.17305.88167. Radanliev, P., De Roure, D. C., Nurse, J. R. C., Burnap, P., Anthi, E., Ani, U., Santos, O. and Montalvo, R. M. (2019) Definition of Cyber Strategy Transformation Roadmap for Standardisation of IoT Risk Impact Assessment with a Goal-Oriented Approach and the Internet of Things Micro Mart, Working paper. University of Oxford. Radanliev, P., De Roure, D. C., Nurse, J. R. C. C., Nicolescu, R., Huth, M., Cannady, S. and Montalvo, R. M. (2019) New developments in Cyber Physical Systems, the Internet of Things and the Digital Economy – future developments in the Industrial Internet of Things and Industry 4.0. University of Oxford. doi: 10.13140/RG.2.2.14133.93921. Radanliev, P., De Roure, D. C., Nurse, J. R. C., Montalvo, R. M. and Burnap, P. (2019a) Standardisation of cyber risk impact assessment for the Internet of Things (IoT). University of Oxford. Radanliev, P., De Roure, D. C., Nurse, J. R. C., Montalvo, R. M. and Burnap, P. (2019b) The Industrial Internet-of-Things in the Industry 4.0 supply chains of small and medium sized enterprises, Working paper. University of Oxford. Radanliev, P., De Roure, D. C., Nurse, J. R. C., Montalvo, R. M., Burnap, P., Roure, D. C. De, Nurse, J. R. C., Montalvo, R. M. and Stacy Cannady (2019) Design principles for cyber risk impact assessment from Internet of Things (IoT), Working paper. University of Oxford. Radanliev, P., Roure, D. C. De, Nurse, J. R. C., Montalvo, R. M. and Stacy Cannady (2018) ‘Design principles for cyber risk impact assessment from Internet of Things (IoT)’, Wokring paper. Radanliev, P., De Roure, D. C., Nurse, J. R. C., Rafael, M. M. and Burnap, P. (2019) Supply Chain Design for the Industrial Internet of Things and the Industry 4.0. University of Oxford. doi: 10.13140/RG.2.2.36311.32160. Radanliev, P., De Roure, D., Cannady, S., Montalvo, R. M., Nicolescu, R. and Huth, M. (2018) ‘Economic impact of IoT cyber risk - analysing past and present to predict the future developments in IoT risk analysis and IoT cyber insurance’, in Living in the Internet of Things: Cybersecurity of the IoT - 2018. London: Institution of Engineering and Technology, p. 3 (9 pp.)-3 (9 pp.). doi: 10.1049/cp.2018.0003. Radanliev, P., De Roure, D., Cannady, S., Montalvo, R. M., Nicolescu, R. and Huth, M. (2019) Analysing IoT cyber risk for estimating IoT cyber insurance. Available at: www.preprints.org. Radanliev, P., De Roure, D., Nicolescu, R. and Huth, M. (2019) A reference architecture for integrating the Industrial Internet of Things in the Industry 4.0, Working paper. University of Oxford. Radanliev, P., De Roure, D., Nicolescu, R., Huth, M., Montalvo, R. M., Cannady, S. and Burnap, P. (2018) ‘Future developments in cyber risk assessment for the internet of things’, Computers in Industry. Elsevier, 102, pp. 14–22. doi: 10.1016/J.COMPIND.2018.08.002. Radanliev, P., De Roure, D., Nurse, J. R. C. C., Nicolescu, R., Huth, M., Cannady, S. and Montalvo, R. M. (2019) Cyber risk impact assessment – assessing the risk from the IoT to the digital economy. University of Oxford. doi: 10.13140/RG.2.2.11145.49768. Radanliev, P., De Roure, D., Nurse, J. R. C., Nicolescu, R., Huth, M., Cannady, S. and Montalvo, R. M. (2019) Cyber Security Framework for the Internet-of-Things in Industry 4.0. Available at: www.preprints.org. Radanliev, P., Rowlands, H. and Thomas, A. (2014) ‘Supply Chain Paradox: Green-field Architecture for Sustainable Strategy Formulation’, in Setchi, R., Howlett, R. J., Naim, M., and Seinz, H. (eds) Cardiff: Sustainable Design and Manufacturing 2014, Part 2, International Conference. Cardiff: Future Technology Press, pp. 839–850. Taylor, P., Allpress, S., Carr, M., Lupu, E., Norton, J., Smith, L., Blackstock, J., Boyes, H., Hudson-Smith, A., Brass, I., Chizari, H., Cooper, R., Coulton, P., Craggs, B.,Davies, N., De Roure, D., Elsden, M., Huth, M., Lindley, J., Maple, C., Mittelstadt, B., Nicolescu, R., Nurse, J., Procter, R., Radanliev, P., Rashid, A., Sgandurra, D., Skatova, A., Taddeo, M., Tanczer, L., Vieira-Steiner, R., Watson, J.D.M., Wachter, S., Wakenshaw, S., Carvalho, G., T. and R.J., Westbury, P. S. (2018) Internet of Things realising the potential of a trusted smart world. London. Available at: www.raeng.org.uk/internetofthings (Accessed: 31 March 2018).
URI:	https://mpra.ub.uni-muenchen.de/id/eprint/92567

All papers reproduced by permission. Reproduction and distribution subject to the approval of the copyright owners.

View Item