IoT security standards are necessary because the IoT is fundamentally insecure. It is hard to predict whether or not an IoT device will be hacked, and even if it is, what data will be compromised. There must be defined criteria for security standards for this technology to evolve responsibly without introducing new problems. Here is a quick rundown of some of the most recent security standards.

In the United States, in December 2020, the IoT Cybersecurity Improvement Act of 2020 was signed into law. This is the first piece of IoT legislation in the US aimed at ensuring that federal agencies only buy IoT devices that adhere to strict security protocols. A new cybersecurity standard for consumer IoT (ETSI EN 303 645 V2.1.1) products was introduced in the European Union in June 2020. The purpose of this standard is to encourage better security practices and the use of security-by-design concepts in the creation of new connected consumer products. The Department of Culture, Media, and Sport in the United Kingdom announced new measures also in June 2020 to protect users of internet-connected household devices from cyberattacks. They implemented a product assurance scheme that requires certified IoT devices to bear an assurance label or kitemark indicating that they have completed independent testing or a thorough and accredited self-assessment process.

When it comes to the IoT, one of the most crucial considerations is security. As the IoT grows more intertwined in people’s lives, security standards are required to keep it safe from hostile attacks and prying eyes. There is so much that can be done to improve IoT security, and this is an opportunity for bright minds to get together and influence the IoT’s future.

Finally please remember that you are welcome to contact me and suggest themes for future posts.