Continuous cyber-risk assessment for the Industrial Internet of Things (IIoT)
Development of a method for cyber security risk analysis with focus on IoT and Industrial Control Systems that would automate recalculation of risk scores in response to real-time data feeds. The Internet of Things is particularly vulnerable to cyber-attacks. As these systems have components that interact with the real world, such as sensors and actuators, the consequences of an attack go beyond data theft and privacy issues.
The aim of Carolina's project is helping improving cyber situational awareness, as well as to evaluate the different threats according to the context of each organisation. The idea is to consider not only the threat but also how the operations and the business will be affected and how prepared they are to deal with the consequences of an attack.
There is a challenge in dealing with a big amount and variety of data, so her main contribution will be to process that data and transform it into useful information for risk managers and decision makers and also provide an additional view of the situation to security analysis.
