Many commentators observe that the IoT devices just aren’t up to scratch, when it comes to security. GDPR requires vendors to and service providers to design things with security as standard. In February 2019, the European Standards body ETSI published security guidelines for the consumer Internet of Things aligning with IOT Security Compliance Framework.
IoT requires the best in all aspects of security — physical, operational technology, and cybersecurity. Thus, it makes sense to envisage IoT security as an ecosystem in itself. Unexpected challenges are likely to erupt because of the existence of several layers in the IoT ecosystem. This calls upon leaders to initiate regular automated risk assessments and simulations such that IoT specific breaches can be monitored closely. This helps businesses build reliable playbooks that enable organizations to respond to IoT security challenges.
Software installed on these devices could be potentially vulnerable, if it has not an automated security assessment before deployment. We take a look at how it’s possible to make the software that drives these devices and the backend serverless technologies secure based on requirements in IOT Security Compliance Framework.