Cyber-risks in the Industrial Internet of Things (IIoT): towards a method for continuous assessment.

Adaroa Boye, Carolina and Kearney, Paul and Josephs, Mark (2018) Cyber-risks in the Industrial Internet of Things (IIoT): towards a method for continuous assessment. In: 21st Information Security Conference ISC 2018, 9 to 12 od September, 2018, Guildford. (In Press)

[img]
Preview
Text
Cyber-risks_in_the_Industrial_Internet_of_Things_a_method_for_continuous_assessment.pdf

Download (479kB)

Abstract

Continuous risk monitoring is considered in the context of
cybersecurity management for the Industrial Internet-of-Thing. Cyber risk management best practice is for security controls to be deployed and configured in order to bring down risk exposure to an acceptable level. However, threats and known vulnerabilities are subject to change, and estimates of risk are subject to many uncertainties, so it is important to review risk assessments and update controls when required. Risks are typically reviewed periodically (e.g. once per month), but the accelerating
pace of change means that this approach is not sustainable, and there is a requirement for continuous monitoring of cybersecurity risks.
The method described in this paper aims to alert security staff of significant changes or trends in estimated risk exposure to facilitate rational and timely decisions. Additionally, it helps predict the success and impact
of a nascent security breach allowing better prioritisation of threats and selection of appropriate responses. The method is illustrated using a scenario based on environmental control in a data centre.

Item Type: Conference or Workshop Item (Paper)
Subjects: G400 Computer Science
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
Faculty of Computing, Engineering and the Built Environment
UoA Collections > REF2021 UoA11: Computer Science and Informatics
Depositing User: Carolina Adaros Boye
Date Deposited: 24 Jul 2018 14:05
Last Modified: 24 Jul 2018 14:05
URI: http://www.open-access.bcu.ac.uk/id/eprint/6157

Actions (login required)

View Item View Item

Research

In this section...