The Internet of Things Security Foundation (IoTSF) has officially launched and set out its plans to respond to rising concerns surrounding cybersecurity challenges in IoT.
The creation of IoTSF follows an eight month investigative and consultative process which included staging the IoT Security Summit at the world famous Bletchley Park earlier this year. The summit validated a need to bring more focus to security issues and since that time work has continued to determine an appropriate response to both business and technical threats. As of now, IoTSF will bring an international and expert focus to promote excellence in IoT security with the ambition to “make it safe to connect”.
To meet identified needs, IoTSF has been setup as a non-profit, technology neutral body, which will take a system wide, holistic perspective on IoT security best practice. It is not a standards body but intends to work collaboratively with existing standards and other consortia “by default”. The programme of activities of the foundation will initially target three key stakeholder groups: technology providers, systems adopters and end users.
IoTSF has an executive steering board comprised of leading technology organisations and security experts including BT, Vodafone, Imagination Technologies, Royal Holloway University of London, Copper Horse Solutions, Secure Thingz, NMI and PenTest Partners. John Haine, industry veteran and visiting professor at the University of Bristol has been announced as the inaugural chair.
To accompany the launch, IoTSF announced three activities to initiate its work:
1. IoT security: the big picture.
2. Self-certification for product developers.
3. An inaugural conference which takes place on December 1st in London.
IoTSF is funded by a low-cost membership model and will supplement income through its own operations. It will also accept donation from benefactors who support its mission.
John Moor, VP Segment Development at NMI and IoTSF Director said:
“The formation of the Internet of Things Security Foundation has been through a rigorous process to make sure it is fit for purpose.”
“With so many concerns and a new complexity of security in IoT, it is important that we now start the necessary work in earnest to address known, yet not always addressed, and emerging vulnerabilities.”
“The scale and scope of the issues are formidable and as such they require a formidable response. This can only be achieved effectively by working together, so I am delighted to announce IoTSF is open for business and invite organisations to back the mission and join us. Together we can raise standards and make it harder for criminals, adversaries and rogues of all denominations to exploit us.”
Membership is now open to all stakeholder organisations around the world with more details available from the website www.iotsecurityfoundation.org
Professor Ben Azvine, Global Head of Security Research and Innovation at BT said:
“Improving the security of IoT is beneficial to consumers, suppliers and businesses. It will help to accelerate adoption of the technology and protect privacy and confidentiality of information. IoT Security Foundation (IoTSF) has an important role to play in achieving this, and BT is delighted to be driving its formation. We look forward to taking an active role in engaging with IoTSF members.”
“Recent high profile cyber-attacks have reinforced the necessity for high levels of security so that the rapidly growing IoT market can flourish,” said Robin Duke-Woolley, CEO of leading technology market analyst firm Beecham Research that specialises in IoT security. “This is a complex process to achieve, requiring high levels of interoperability between different domains often pursuing very dissimilar security goals. We see the IoT Security Foundation as an important new initiative to assist in bringing these together in a way that promotes rapid and secure IoT market development.”
“Security is critical to the success of the Internet of Things”, said Haydn Povey, CEO of Secure Thingz. “There are significant issues already arising through the current lack of security, including attacks on appliances, lighting systems, and bounce attacks onto PCs from compromised devices which needs to be addressed early by industry. We must also tackle the near certainty of future successful compromises”.
“The IoT Security Foundation will assist in the development of best practices for the nascent IoT domain, pulling in experienced individuals from MNO, Semiconductor, traditional InfoSec, Automotive and other domains, to ensure we do not repeat the painful mistakes of the past”
Says Majid Bemanian, director of strategic marketing, networking and storage, Imagination Technologies:
“Recent incidents make it clear that IoT devices must implement new security paradigms to address a range of new threats. Imagination is taking action today with new technologies for next-generation security and we are delighted to be part of the IoT Security Foundation, which we expect to be a significant vehicle for responding to the security concerns arising around IoT.”