Journal of Network Security

One unsettling truth emerges from the modern landscape of cybersecurity risk management: managing cyber risk across the enterprise is more difficult than ever. Even the most skilled teams today may find it difficult to keep architectures and systems secure and compliant. "As more of our physical world is linked to and controlled by the virtual world, more of our business and personal information becomes digital", according to various industry veterans and cybersecurity consultants at trust in information technology. While cybersecurity risk management has never been more important, it has also never been more difficult. The study's main question is, "What is Cyber Risk Management?" The first sub-question is, "What are the steps for managing Cyber Risk?" and the second sub question of study is “what are the benefits of cyber risk management?”. The methodology used in this research is secondary data, which we obtained from various books and URLs. The research finding is that other factors beyond the changing threat of landscape also affect existing cybersecurity risk planning. Regulations are frequently changed and new ones are enacted. To ensure compliance, the risks associated with these changes must be assessed and cybersecurity policies and procedures are modified to ensure compliance.

Alahmari A, Duncan B. Cybersecurity risk management in small and medium-sized enterprises: A systematic review of recent evidence. In 2020 IEEE International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) 2020 Jun 15; 1–5.

Lee I. Internet of Things (IoT) cybersecurity: Literature review and IoT cyber risk management. Future Internet. 2020 Sep; 12(9): 157.

NACD Board Talk. (2019). The Economics of Cybersecurity. [Online]. Available from https://blog.nacdonline.org/posts/the-economics-of-cybersecurity

IT Governance. Cyber Risk Management Service. [Online]. Available from https://www.itgovernance.co.uk/cyber-security-risk-management. 5. Choo KK, Gai K, Chiaraviglio L, Yang Q. A multidisciplinary approach to Internet of Things (IoT) cybersecurity and risk management. Comput Secur. 2021 Mar 1; 102: 102136.

Lu Y, Da Xu L. Internet of Things (IoT) cybersecurity research: A review of current research topics. IEEE Internet Things J. 2018 Sep 12; 6(2): 2103–15.

Radanliev P, De Roure D, Nurse JR, Nicolescu R, Huth M, Cannady S, Montalvo RM. Integration of cyber security frameworks, models and approaches for building design principles for the internet-of-things in industry 4.0. In IET Living in the Internet of Things: Cybersecurity of the IoT-2018. 2018 Mar 28; 1–6.

Gordon LA, Loeb MP, Sohail T. A framework for using insurance for cyber-risk management. Commun ACM. 2003 Mar 1; 46(3): 81–85.

Paté‐Cornell ME, Kuypers M, Smith M, Keller P. Cyber risk management for critical infrastructure: a risk analysis model and three case studies. Risk Anal. 2018 Feb; 38(2): 226–41.

Carfora M, Martinelli F, Mercaldo F, Orlando A. Cyber risk management: An actuarial point of view. J Oper Risk. 2019 Feb 8; 14(4): 77–103.