Title
Cyber-Risks In The Industrial Internet Of Things (IIoT): Towards A Method For Continuous Assessment
Abstract
Continuous risk monitoring is considered in the context of cybersecurity management for the Industrial Internet-of-Things. Cyber-risk management best practice is for security controls to be deployed and configured in order to bring down risk exposure to an acceptable level. However, threats and known vulnerabilities are subject to change, and estimates of risk are subject to many uncertainties, so it is important to review risk assessments and update controls when required. Risks are typically reviewed periodically (e.g. once per month), but the accelerating pace of change means that this approach is not sustainable, and there is a requirement for continuous monitoring of cybersecurity risks. The method described in this paper aims to alert security staff of significant changes or trends in estimated risk exposure to facilitate rational and timely decisions. Additionally, it helps predict the success and impact of a nascent security breach allowing better prioritisation of threats and selection of appropriate responses. The method is illustrated using a scenario based on environmental control in a data centre.
Year: 2018
DOI: 10.1007/978-3-319-99136-8_27
Venue: INFORMATION SECURITY (ISC 2018)
Keywords: Internet of Things, Industrial IoT, Industrial Control Systems, Cyber-security, Control systems, Risk analysis
Field: Security controls, Best practice, Continuous assessment, Risk analysis (business), Computer science, Risk assessment, Industrial control system, Risk analysis (engineering), Continuous monitoring, Vulnerability
DocType: Conference
Volume: 11060
ISSN: 0302-9743
Citations: 0
PageRank: 0.34
References: 9
Authors: 3
Name
Order
Citations
PageRank
Carolina Adaros Boye100.34
Paul Kearney242.33
Mark B. Josephs330235.24