ARTASI

Objective : This study aims to identify and prioritize cybersecurity risks associated with IoT applications in the retail sector, an area critical to digital transformation and operational resilience. Given the challenges managers face in evaluating threats under uncertainty, the study introduces a novel methodological framework to enhance risk-based decision-making and strategic resource allocation.  Methodology: A hybrid approach combining Pythagorean fuzzy SWARA (PF-SWARA) and an alternative ranking technique based on adaptive standardized intervals (PF-ARTASI) within the FMEA framework is proposed. PF-SWARA is used to weight evaluation criteria, and PF-ARTASI ranks the identified risks. The model is applied to a case study in Iran’s retail sector. Sensitivity and comparative analyses are conducted to validate the robustness and effectiveness of the method. Results : The findings show that "Insecure Firmware/Software and Inadequate Patch Management" is the top cybersecurity risk, followed by "Lack of Standardization and Interoperability Issues" and "Physical Security concerns". The proposed PF-SWARA–ARTASI approach outperforms traditional FMEA and PF-MOORA methods in terms of result consistency, robustness, and practicality under uncertain conditions. Conclusion : This research makes four contributions: (1) It proposes the first integration of PF-SWARA and PF-ARTASI within FMEA; (2) applies a novel ranking method for risk prioritization; (3) provides an actionable list of prioritized cybersecurity risks in IoT-enabled retail; and (4) validates the model through extensive sensitivity and comparative analysis. The study provides a valuable decision-making tool for IT managers and contributes to the existing literature on fuzzy risk assessment in retail contexts.