(Image: Buffaloboy via Adobe Stock)
Question: Do standards or labels exist that certify secure Internet of Things (IoT) systems?
Loren Browman, senior security consultant, Optiv: No federally approved testing body currently exists to certify IoT device security in the way we have come to expect UL testing to certify products for safety issues.
The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products. While these products may be cool and innovative, many are produced without a security budget and are not held to any IoT-specific security standards. We have certainly seen IoT security awareness campaigns from organizations such as NIST and well-laid-out guidelines from associations such as the GSMA and now ISO, but guidelines and recommendations are not the same as certifications or regulated standards.
Product security is an increasingly important topic as the number of devices continues to grow rapidly and we become more reliant on these products and systems to provide access and control over sensitive infrastructure.
When investing in any connected device at an industrial or consumer level, the following can be signs that the manufacturer values security and has implemented best practices throughout the development of its pr ..
Support the originator by clicking the read the rest link below.
