Davis Matovu et al.; International Journal of Advance Research, Ideas and Innovations in Technology © 2020, www.IJARIIT.com All Rights Reserved Page |298 ISSN: 2454-132X Impact factor: 6.078 (Volume 6, Issue 1) Available online at: www.ijariit.com Cybersecurity risks associated with the Internet of Things: A review of related literature Davis Matovu davismatovu@yahoo.com Masinde Muliro University of Science and Technology, Kakamega, Kenya Mutua Stephen makau@gmail.com Masinde Muliro University of Science and Technology, Kakamega, Kenya Mugeni Gilbert gbmugeni@gmail.com Communication Authority of Kenya, Nairobi, Kenya Karume Simon smkarume@gmail.com Laikipia University, Eldoret, Kenya Gilbert Gilibrays Ocen gilbertocen@gmail.com Busitema University, Tororo, Uganda ABSTRACT The Internet of Things (IoT)is the network of physical objects accessed through the Internet that can identify themselves to other devices and use embedded technology to interact with internal states or external conditions. The continued growth of the internet of things phenomenon has led to an influx of a number of cybersecurity risks. This paper aimed at analyzing the most common classes of cybersecurity threats associated with IoTs and their impact on the security of the information systems. To achieve this, we examined and reviewed cybersecurity risks related literature of the IoT leading to the specification of the Internet of the Things cybersecurity landscape. Finally, this review provides insights for cybersecurity risks evolution, suggesting tools, methods and potential approaches that can help ensure a safe IoT environment. Keywords⸻ Internet of things, Cybersecurity risk, Security threats 1. INTRODUCTION The development of information and communications technologies (ICTs) enables businesses and individuals to communicate and transact with other parties electronically, instantaneously and internationally (Marco, 2010). Among these developments has been the advent of the Internet of Things (IoT) phenomenon which represents a major transformation in a digital world that has the potential to affect everyone and every business. The Internet of Things (IoT) is the network of physical objects accessed through the Internet that can identify themselves to other devices and use embedded technology to interact with internal states or external conditions Treffyn et al, 2013). According to Somayya, Ramaswamy, & Tripathi (2015), the Internet of Things is a novel paradigm shift in IT arena and is defined as an open and comprehensive network of intelligent objects that have the capacity to auto-organize, share information, data, and resources, reacting and acting in face of situations and changes in the environment. IoT describes a world where just about anything can be connected and communicate in a smart mode by combining data to produce usable intelligence. With the IoT, the physical world is becoming one big information system with the ultimate goal of improving the quality of life and empowering new business models. However, this also means that more personal information and business data will exist in the cloud and be passed back and forth through thousands of devices that may have vulnerabilities Cybercriminals are able to exploit the existence of a global digital world even in the presence of the necessary regulatory frameworks, laws, and related enforcement capability. In this paper, we identify and examine cybersecurity risks as enumerated in selected Information systems and from engineering research journals. We classify the papers to create taxonomies of the cybersecurity risk types in existence. Using these classifications, we observe the impacts between types of IoT cybersecurity risks and the methods used to mitigate them. 2. DATA Secondary data was collected from selected published cybersecurity papers in major Information Systems and engineering journals. We selected ten peer-reviewed journals with specific publications on cybersecurity risk related articles (Table 1). Since computer and information security researchers in the Information Systems discipline have traditionally published at least some of their research in engineering journals, we also included those engineering journals that are most important to the Information System discipline.