Uncertainty and Its Role in IoT Risk Management

Abstract:

The decision-making process in the city needs to consider cyber risks. For this reason, evaluating the impact of technological solutions and the stakeholder preferences allows selecting the best cybersecurity strategies. A critical factor in developing risk management is the time; as traditional computer systems have more static characteristics than IoT systems, the periods between risk assessments can be more extended, for example, every 6 months. On the other hand, dynamic environments such as IoT require shorter assessment periods because the attack surface may present new exploitable elements with the increase of new devices, interconnections, or services. Therefore, security risk methodologies have primarily focused on traditional computer systems, in which the environment generally is not dynamic, and the degree of dependency between the different assets has a value of low uncertainty.

Año de publicación:

2021

Keywords:

Fuente:

google