GSMA announces new security guidelines to support growth of the Internet of Things

The GSMA announced the availability of new guidelines designed to promote the secure development and deployment of services in the growing Internet of Things (IoT) market. The document, The GSMA IoT Security Guidelines, has been developed in consultation with the mobile industry and offers IoT service providers and the wider IoT ecosystem practical advice on tackling common cybersecurity threats, as well as data privacy issues associated with IoT services.

The project has received the backing and support of the mobile industry including mobile operators AT&T, China Telecom, Etisalat, KDDI, NTT DOCOMO, Orange, Telefónica, Telenor and Verizon as well as vendor and infrastructure partners 7Layers, Ericsson, Gemalto, Morpho, Telit and u-blox.

“As billions of devices become connected in the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases,” said Alex Sinclair, chief technology officer, GSMA. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed. A proven and robust approach to security will create trusted, reliable services that scale as the market grows.”

The GSMA’s IoT Security Guidelines have been designed for all players in the IoT ecosystem including IoT service providers, IoT device manufacturers and developers. They will help service providers build secure services by outlining technologies and methods to address potential threats, as well as how to implement them. They also establish the need for risk assessment of all components of an IoT service to ensure they are designed to securely collect, store and exchange data and successfully mitigate cybersecurity attacks. The Guidelines recently completed a thorough industry consultation with academics, analysts and other industry experts to ensure that they are as robust as possible.

“IoT is all about making the things in your life smarter,” said Cameron Coursey, vice president, Product Development – IoT Solutions, AT&T. “Security is paramount to something that touches and influences our lives as deeply as IoT. These guidelines are a vital initiative towards realising the vision of a robust and highly secure IoT ecosystem.”

Crucial step in IoT security

Dr. Mihai Voicu, CSO of Telit said, “Security is surfacing as the most important discussion topic in the IoT. Telit welcomes the initiatives from GSMA related to IoT security. As fully vested participants in the development of the IoT Security Guidelines, we consider them a crucial step, establishing a baseline on which solutions can be built. These guidelines must be seen as the foundation for security pertaining to the most critical elements of the IoT ecosystem: end-points, services and network.”

“There is a significant amount of evidence to suggest that cyberattacks are already happening in the burgeoning IoT space. If not handled appropriately, these attacks are likely to inhibit the growth and stability of the Internet of Things,” commented Don A. Bailey, founder and CEO, Lab Mouse Security. “It is imperative that the industry adopts a standard approach for dealing with security risks and mitigations, helping to ensure that the entire IoT ecosystem will not be subject to fraud, exposures of privacy, or attacks that affect human life.”

The GSMA IoT Security Guidelines have been developed through the GSMA Connected Living programme. The programme is designed to help operators accelerate the delivery of new connected devices and services in the M2M market. It focuses on driving industry collaboration, promoting appropriate regulation and optimising networks to support the growth of M2M in the immediate future and the IoT in the longer term.

The IoT Security Guidelines are available to download here: www.gsma.com/connectedliving/iot-security-guidelines

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

Recent Articles

Hitachi Capital, Yokogawa and amnimo partner to view IIoT equipment status

Posted on: March 27, 2020

Hitachi Capital Corporation, Yokogawa Electric Corporation, and amnimo Inc., a subsidiary of Yokogawa, have struck a new partnership agreement. The aim is to provide new services by adding Industrial IoT (IIoT) to each company’s technologies, know-how, and lease equipment.

Read more

Veeva data cloud to deliver new approach for patient and prescriber data

Posted on: March 26, 2020

Veeva Systems, has announced Veeva data cloud to help support the industry by bringing greater innovation and choice to the data market. Veeva data cloud will include longitudinal patient and prescriber data offerings that will cover retail and specialty distribution channels, initially tailored for commercial use cases such as launch planning, patient segmentation, commercial analytics,

Read more