Leaders’ perspectives on iot security risk management strategies in surveyed organizations relative to iotsrm2

Abstract

In the COVID-19 and post-pandemic business environment, leveraging robust Internet of Things (IoT) security risk management strategies becomes of particular importance to IoT adopters. Thus, given that no research study was found to exclusively focus on the current state of IoT security risk management strategies in organizations, this article aims to support IoT security practitioners to peer benchmark and enhance their IoT security risk management strategies. In a nutshell, this study relies on a mixed methods research methodology, and its main contribution is the determina-tion of the current state of the IoT security risk management strategies in the surveyed organizations relative to our IoT Security Risk Management Strategy Reference Model (IoTSRM2). Hence, this study entails designing and conducting a survey, analyzing survey responses, and reporting survey results based on our IoTSRM2 and proposed three-phased survey methodology. Furthermore, be-fore discussing the related work, this article provides our survey results for the surveyed large and small-medium organizations, the surveyed large organizations, and the surveyed large Technology, Media, and Telecom (TMT) organizations. For instance, our results reveal that while most surveyed organizations perform IoT risk assessments and focus on IoT infrastructure resilience, they fail in strategizing IoT governance and risk management, among others.