The Department for Homeland Security (DHS) has issued a set of 'Strategic Principles' for securing the Internet of Things (IoT). They highlight relevant best practice and are also aimed at giving stakeholders the ability to make risk-based security decisions as they procure, design, manufacture or use connected devices and systems.
The document sets out 6 Principles on how to secure IoT today, these are:
- Incorporate Security at the Design Phase
- Advance Security Updates and Vunerability Management
- Build on Proven Security Practices
- Prioritise Security Measures according to potential impact
- Promote transparency across IoT
- Connect carefully and deliberately
These principles align well with the security elements contained within techUK's Trust Principles in an IoT World.
The DHS make clear that these principles should be, but too rarely are, adhered to today. They go further to propose four additional lines of work that they and others should pursue:
- Coordinate across federal departments and agencies to engage with IoT stakeholders and jointly explore ways to mitigate the risks posed by IoT
- Build awareness of risks associated with IoT across stakeholders
- Identify and advance incentives for incorporating IoT security
- Contribute to international standards development process for IoT.
techUK will be focusing on security in the IoT in 2017. If you would like to find out more contact:
techUK published this content on 18 January 2017 and is solely responsible for the information contained herein.
Distributed by Public, unedited and unaltered, on 18 January 2017 16:11:01 UTC.
Original documenthttp://www.techuk.org/insights/news/item/10063-dhs-produce-strategic-principles-for-securing-the-iot
Public permalinkhttp://www.publicnow.com/view/6C6A2D68CD8E32B24BE98F4B8ABF2A67E39DD2D1
