The good news is that operators and other stakeholders are ramping up their security offerings, giving enterprises the tools they need to heighten their IoT security. The bad news? Not enough companies are taking advantage of these offerings, risking exposure. And the lack of standards makes it difficult for companies to know which direction to turn in when it comes to securing their IoT solution.
Industry leaders, government agencies, experts and advocacy groups should all be coming together to implement common security standards for IoT. While there are some region-based standards out there and some organizations attempting to set standards, they are either few and far between or not yet entrenched. In fact, the state of California has one of the few official laws specifically addressing IoT device privacy and security in the world. GSMA (Global System for Mobile Communications Association) is also backing IoT SAFE (IoT SIM Applet for Secure End-to-End Communication), which will provide a common mechanism to secure IoT device-to-cloud communications.
But is this the solution and is it enough? While it’s a step in the right direction, we probably need to do more. Ideally, industry leaders, government agencies, recognized experts, and advocacy groups will band together to collaborate, design, and implement a common checklist of IoT security recommendations that organizations can use to ensure they are taking the right security precautions. We all know how vital standards are when it comes to IT, so IoT standards could, for example, be modeled on the US’s National Security Agency’s (NSA) or the European Union Agency for Cyber Security’s (ENISA) best practices for mobile devices or home networks but designed specifically with IoT security challenges in mind.
So, while the regulatory landscape for IoT security is evolving and standards are starting to be developed and introduced across the IoT value chain, there is still a lot of confusion and the regulatory picture remains complex and disjointed, with no common source or organization setting out recommendations or specifications that can be universally applied.
The good news is that there things are starting happen and is more to come in this area, so stay tuned and be prepared. And you are always welcome to get in touch with our friendly experts at Tele2 IoT, who are here to make sure all your IoT needs are met.