Priya PatelTLDR:
- New IoT security standards aim to improve device safety and cyber resilience across industries.
- The Connectivity Standards Alliance has published the IoT Device Security Specification 1.0 to create a single standard and certification program.
IoT devices have been flagged as vulnerable to cyber threats, posing risks to users and the wider world. The new standards aim to address these concerns by consolidating requirements from multiple international regulations into a single program. Manufacturers must comply with specific security provisions and provide evidence to authorized test labs to receive a ‘Product Security Verified’ badge.
The specification includes technical requirements, password uniqueness, protections against authentication attacks, data storage best practices, support for software updates, and more. It also emphasizes transparency around device capabilities, data processing, vulnerability disclosure, and expected cyber security costs for end users.
With governments increasingly focusing on IoT security risks, the new standards come at a crucial time. The US and UK have initiated voluntary cyber security labeling programs, highlighting the urgency for improved IoT security. The industry-backed standards aim to enhance device safety and protect against cyber threats in the evolving IoT landscape.
