The Internet of Things Security Foundation (IoTSF) has been unveiled, a body of more than 30 firms, including BT, Intel and Vodafone.
The group is making its mission to vet internet-connected devices for vulnerabilities and flaws, and to encourage manufacturers to consider the security of connected devices at the hardware level. This is particularly important for businesses, because IoT devices connected to the corporate network offer ever more attack vectors via which to target organizations.
Addressing device vulnerability at the hardware level, for example through full disk encryption of hardware, will ensure that any data mined from the device is unusable and will be critical to business confidence in IoT devices.
“The creation of the Internet of Things Security Foundation should be heralded as a significant step towards the widespread adoption of IoT technology and devices,” said Darin Welfare, EMEA VP at encryption specialist WinMagic, in an email. “By setting stringent security standards for connected devices, businesses will also be encouraged to adopt IoT devices that help drive growth and improve business processes.”
According to the IDC, the global IoT market is projected to grow at a CAGR of 13% to $3.04 trillion in 2020, growing from $1.3 trillion in 2013, and billions of devices come online.
"There are a great many possibilities for businesses in all sectors including manufacturing, transport, health, home, consumer and public services,” said John Moor, representing the group. “However, there are ever-real security challenges that accompany those opportunities. It is vital to the adoption of existing and new systems that security is addressed from the start, that it is fit for purpose and it can be managed over the lifecycle of the system.”
By creating a dedicated focus on security, IoTSF aims to be the home for providers, adopters and beneficiaries of IoT products and services.
“IoT security standards today vary widely depending on device manufacturer and OS,” Welfare said. “However, the Internet of Things is still in its early stages and, historically speaking, all new technology is initially weak on security as manufacturers and developers assess functionality and vulnerability limits. Whilst the journey towards securing the Internet of Things is just beginning, this new industry body will be vital in setting the security standards that will determine the success of IoT.”