Abstract:
This doctoral thesis provides contributions to the field of cybersecurity risk management, in particular to cybersecurity risk management drivers, cybersecurity risk management frameworks, and IoT security best practices. The main thesis contributions include:
• The critical evaluation of thirteen current cyber threat categories using a proposed threat rating method;
• The critical evaluation of cybersecurity-related legislations via a proposed evaluation method;
• The critical evaluation of cybersecurity risk management frameworks through a proposed evaluation methodology;
• The development of the IoT security risk management reference model (IoTSRM2) based on a proposed methodology, and the critical evaluations for the IoTSRM2;
• The undertaking of the IoTSRM2-based survey using a proposed survey methodology, the reporting of the survey findings, and the discussion on the IoTSRM2-based survey study.