A Survey on Cyber Risk Management for the Internet of Things

The Internet of Things (IoT) continues to grow at a rapid pace, becoming integrated into the daily operations of individuals and organisations. IoT systems automate crucial services within daily life that users may rely on, which makes the assurance of security towards entities such as devices and information even more significant. In this paper, we present a comprehensive survey of papers that model cyber risk management processes within the context of IoT, and provide recommendations for further work. Using 39 collected papers, we studied IoT cyber risk management frameworks against four research questions that delve into cyber risk management concepts and human-orientated vulnerabilities. The importance of this work being human-driven is to better understand how individuals can affect risk and the ways that humans can be impacted by attacks within different IoT domains. Through the analysis, we identified open areas for future research and ideas that researchers should consider.

Automated summary

In this paper, a comprehensive survey of cyber risk management processes in the context of IoT is presented, and recommendations for future work are provided. Through the analysis of 39 collected papers, IoT cyber risk management frameworks are studied against four research questions that focus on cyber risk management concepts and human-orientated vulnerabilities. The importance of this work lies in understanding how individuals can impact risk and how humans can be affected by attacks in different IoT domains.