Development of the Mechanism of Assessing Cyber Risks in the Internet of Things Projects

  • Conference paper
Internet of Things, Smart Spaces, and Next Generation Networks and Systems (NEW2AN 2019, ruSMART 2019)

Abstract

We developed a mechanism for assessing cyber risks in Internet of Things (IoT) projects. The topic is relevant because of the growing sophistication of cyber-attacks, the speed at which new threats emerge, and the increasing damage from attacks. The paper addresses the decreasing efficiency of existing cyber risk assessment mechanisms and fills research gaps in this area. The results include the mechanism's concept, its block diagram, the specification and description of its constituent tools, and a case study. Unlike its peers, the mechanism provides a holistic approach to cyber risk assessment and integrates and coordinates all related activities and tools. It simulates the confidence interval of the project's return on investment (ROI) and shows the chances of going above the risk appetite. It makes cyber risk assessment dynamic, iterative, and responsive to changes in the cyber environment. These advantages let us conclude that the mechanism should have significant scientific and practical use.



Author information

Correspondence to Sergei Grishunin, Svetlana Suloeva, Tatiana Nekrasova or Alexandra Egorova.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Grishunin, S., Suloeva, S., Nekrasova, T., Egorova, A. (2019). Development of the Mechanism of Assessing Cyber Risks in the Internet of Things Projects. In: Galinina, O., Andreev, S., Balandin, S., Koucheryavy, Y. (eds) Internet of Things, Smart Spaces, and Next Generation Networks and Systems. NEW2AN 2019, ruSMART 2019. Lecture Notes in Computer Science, vol 11660. Springer, Cham. https://doi.org/10.1007/978-3-030-30859-9_41

  • DOI: https://doi.org/10.1007/978-3-030-30859-9_41

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30858-2

  • Online ISBN: 978-3-030-30859-9

  • eBook Packages: Computer Science (R0)
