Internet of Things Security

Research Questions and Methods

This project seeks to identify different interactions between the macro-level legal policies and formal organizational policies and procedures and the micro-level daily work practices that support the knowledge work and task coordination needed to improve O&M and IT collaboration around IoT cybersecurity.

Our research questions ask:

  1. What are the interactive dynamics between public policies and guidance, organizational policies and procedures, and daily formal and informal work practices that impact collaborative knowledge work and task coordination work with IoT between IT departments and O&M?
  2. What confluence of these macro-level policies and procedures and micro-level work practices support the knowledge work and task coordination required for IoT cybersecurity collaboration that can overcome IT/OT convergence?

Methodology

The project uses a qualitative approach that will collect data through observations, expert interviews, and document analysis in three phases:

  1. Ethnographic research of IoT cybersecurity efforts between O&M and IT departments at three different universities;
  2. Expert interviews with IT and O&M IoT cybersecurity experts in the United States; and
  3. Case studies of higher education IoT cybersecurity efforts.

Scientific Impacts for Cybersecurity Research

This research aims to both contribute to cybersecurity research and organizational theory to improve O&M and IT collaboration practice and to inform public policy on IoT security.

This study will generate knowledge around how IT and O&M professionals can work better together to improve the security of our built environment and how public policy may affect cybersecurity collaboration. To this end, the study will have a high impact on cybersecurity theory and empirical research through:

  1. Providing much-needed empirical data on current collaborative O&M and IT cybersecurity practices;
  2. Developing theory on how the daily work practices of security professionals affect cybersecurity collaboration and how public policy and organizational rules impact their collaborative work; and
  3. Identifying organizational, policy, and practices that help O&M and IT work better together to improve IoT security.

Broader Impacts for Industry & Government

This study will inform cybersecurity policy and impact cybersecurity professionals in the building industry through:

  1. An industry report on successful O&M and IT collaboration strategies;
  2. Published white papers on policy findings and recommendations;
  3. Sharing our findings at public speaking events, in popular and academic publications, and through developing training for building professionals and students; and
  4. Improving the cybersecurity pipeline through prioritizing student researchers currently underrepresented in the cybersecurity field.