Techno-economics of IoT and OT Security
DOI:
https://doi.org/10.26636/jtit.2025.FITCE2024.2032Keywords:
cybercrime, cybersecurity, IoT, justification for regulation, OT, techno-economicsAbstract
This paper provides an overview of the techno-economics of cybersecurity in IoT and OT devices. The purpose is to identify and provide justification for regulatory action within the area.
Downloads
References
[1] PricewaterhouseCoopers, "PwC’s Global Economic Crime and Fraud Survey 2022", PricewaterhouseCoopers, 2022 (https://www.pwc.com/gx/en/services/forensics/economic-crime-survey/2022.html).
View in Google Scholar
[2] World Economic Forum, "Global Risk Report 2024", World Economic Forum, 2024 (https://www.weforum.org/publications/global-risks-report-2024/in-full/).
View in Google Scholar
[3] European Commission, "Joint Communication to the European Parliament and The Council: The EU's Cybersecurity Strategy for the Digital Decade, JOIN (2020) 18 final", Brussels, 2020.
View in Google Scholar
[4] European Commission, "NIS2 Directive", Brussels, 2020.
View in Google Scholar
[5] European Commission, "EU Cyber Resilience Act, Shaping Europe's Digital Future", Brussels, 2022.
View in Google Scholar
[6] M.M. Noor and W.H. Hassan, "Current Research on Internet of Things (IoT) Security: A Survey", Computer Networks, vol. 148, pp. 283-294, 2019.
View in Google Scholar
[7] R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan, "Internet of Things (IoT) Security: Current Status, Challenges and Prospective Measures", 10th International Conference for Internet Technology and Secured Transactions (ICIT), London, UK, 2015.
View in Google Scholar
[8] W.A. Conklin, "IT vs. OT Security: A Time to Consider a Change in CIA to Include Resilience", 49th Hawaii International Conference on System Sciences (HICSS), Koloa, USA, 2016.
View in Google Scholar
[9] I. Brown, "The Economics of Privacy, Data Protection and Surveillance", in: Handbook on the Economics of the Internet, Edward Elgar Publishing, pp. 247-261, 2016.
View in Google Scholar
[10] H. Asghari, M. van Eeten, and J.M. Bauer, "Economics of Cybersecurity", in: Handbook on the Economics of the Internet, Edward Elgar Publishing, pp. 262-287, 2016.
View in Google Scholar
[11] A. Odlyzko, "Cybersecurity is Not Very Important", Ubiquity, pp. 1-23, 2019.
View in Google Scholar
[12] J.P. Anderson, "Computer Security Technology Planning Study", Technical Report for USAF, 1972.
View in Google Scholar
[13] R. von Solms and J. van Niekerk, "From Information Security to Cyber Security", Computer and Security, vol. 38, pp. 97-102, 2013.
View in Google Scholar
[14] J. van der Ham, "Toward a Better Understanding of ‘Cybersecurity’", Digital Threats: Research and Practice, vol. 2, pp. 1-3, 2021.
View in Google Scholar
[15] M.G. Cains et al., "Defining Cyber Security and Cyber Security Risk within a Multidisciplinary Context Using Expert Elicitation", Risk Analysis, vol. 42, pp. 1643-1669, 2022.
View in Google Scholar
[16] M. Kianpour, S. Kowalski, and H. Øverby, "Systematically Understanding Cybersecurity Economics: A Survey", Sustainability, vol. 13, art. no. 13677, 2021.
View in Google Scholar
[17] A. Sarri, V. Paggio, and G. Bafoutsou, "Cybersecurity for SMEs - Challenges and Recommendations", European Union Agency for Cybersecurity (ENISA), Heraklion, Greece, 2021.
View in Google Scholar
[18] P. Radanliev et al., "Future Developments in Standardisation of Cyber Risk in the Internet of Things (IoT)", SN Applied Sciences, vol. 2, art. no. 169, 2020.
View in Google Scholar
[19] I. Brass et al., "Standardising a Moving Target: The Development and Evolution of IoT Security Standards", Living in the Internet of Things: Cybersecurity of the IoT, London, UK, 2018.
View in Google Scholar
[20] S. Ghosh and S. Sampalli, "A survey of security in SCADA networks: Current issues and future challenges", IEEE Access, vol. 7, pp. 135812-135831, 2019.
View in Google Scholar
[21] V.M. Igure, S.A. Laughter, and R.D. Williams "Security Issues in SCADA Networks", Computers and Security, vol. 25, pp. 498-506, 2006.
View in Google Scholar
[22] E. Schiller et al., "Landscape of IoT Security", Computer Science Review, vol. 44, art. no. 100467, 2022.
View in Google Scholar
[23] R. Alkhadra, J. Abuzaid, M. AlShammari, and N. Mohammad, "Solar Winds Hack: In-depth Analysis and Countermeasures", 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 2021.
View in Google Scholar
[24] M. Willett, "Lessons of the SolarWinds Hack", Survival. Global Politics and Strategy, vol. 63, pp. 7-26, 2021.
View in Google Scholar
[25] M. Al-Hawawreh, E. Sitnikova, and N. Aboutorab, "Asynchronous Peer-to-peer Federated Capability-based Targeted Ransomware Detection Model for Industrial IoT", IEEE Access, vol. 9, pp. 148738-148755, 2021.
View in Google Scholar
[26] R. Vishwakarma and A.K. Jain, "A Survey of DDoS Attacking Techniques and Defence Mechanisms in the IoT Network", Telecommunication Systems, vol. 73, pp. 3-25, 2020.
View in Google Scholar
[27] L. Tawalbeh, F. Muheidat, M. Tawalbeh, and M. Quwaider, "IoT Privacy and Security: Challenges and Solutions", Applied Sciences, vol. 10, art. no. 4102, 2020.
View in Google Scholar
[28] J.M. Bauer and M.J. van Eeten, "Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options", Telecommunications Policy, vol. 33, pp. 706-719, 2009.
View in Google Scholar
[29] M.P. Barrett, "Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1", NIST, 2018.
View in Google Scholar
[30] S. Chng, H.Y. Lu, A. Kumar, and D. Yau, "Hacker Types, Motivations and Strategies: A Comprehensive Framework", Computers in Human Behavior Reports, vol. 5, art. no. 100167, 2022.
View in Google Scholar
[31] ENISA, "ENISA Threat Landscape 2021", 2021 (https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021).
View in Google Scholar
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Morten Falch, Reza Tadayoni
This work is licensed under a Creative Commons Attribution 4.0 International License.
