The Industrial Internet Consortium publishes IoT security maturity model white paper

The Industrial Internet Consortium® (IIC™), the organisation transforming business and society by accelerating the Industrial Internet of Things (IIoT), announced the publication of the IIC IoT Security Maturity ModelDescription and Intended Use white paper.

Building on concepts identified in the IIC Industrial Internet Security Framework, the Security Maturity Model (SMM) defines levels of security maturity for a company to achieve based on its security goals and objectives as well as its appetite for risk. This enables decision makers to invest in only those security mechanisms that meet their specific requirements.

“The Internet of Things has brought a lot of innovation to industries, but it also introduces new security threats. The security landscape is complex and always changing,” said Ron Zahavi, IIC Security Applicability group co-chair, the white paper co-author and chief strategist for Azure IoT Standards at Microsoft.

“It can be challenging for organisations to understand where to focus their security budgets, especially with limited resources. The Security Maturity Model provides organisations with an informed understanding of security practices and mechanisms applicable to their industry and scope of their IoT solution.”

“Over one-third of operational technology professionals in the enterprise identified security concerns as the largest impediment to production deployments of IoT projects, (Source: 451 Research, Voice of the Enterprise: Internet of Things OT 2018),” said Christian Renaud, research director, Internet of Things, 451 Research.

Christian Renaud

“This is consistent with the feedback we have received from information technology professionals over the last two years, and highlights the criticality of a common, extensible model for IoT security to move the industry forward.”

Organisations apply the SMM by following a process. First, business stakeholders define security goals and objectives, which are tied to risks. Technical teams within the organisation, or third-party assessment vendors, then map these objectives into tangible security techniques and capabilities and identify an appropriate security maturity level.

Following this, organisations develop a security maturity target, which includes industry and system-specific considerations, and capture the current security maturity state of the system.

“By periodically comparing target and current states, organisations can identify where they should make improvements,” said Sandy Carielli, white paper co-author and director of Security Technologies at Entrust Datacard. “Organisations achieve a mature system security state by making continued security assessments and improvements over time. They can repeat the cycle to maintain the appropriate security target as their threat landscape changes.”

The IIC IoT Security Model: Description and Intended Use white paper is an introduction to the SMM. The IIC Security Maturity Model: Practitioners Guide will be released in the coming months and will contain the technical guidance for assessment and enhancement of security maturity level for appropriate practices.

The full IIC IoT Security Maturity Model: Description and Intended Use white paper and a list of IIC members who contributed can be found on the IIC website.

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Automotive dual high-side gate driver EiceDRIVER 2ED4820-EM with SPI protects dependable 48 V battery systems

Posted on: January 21, 2022

Electrical Vehicles, trucks, e-wheelers and battery packs for solar panels. These Li-ion battery systems need to be protected against negative and positive voltages. In addition, these batteries must be able to quickly and reliably disconnect from loads within microseconds, in the event of an overcurrent. Since a battery unit may not be dedicated to one vehicle, status

Read more

Qualcomm with SB Technology and Cybertrust Japan to proliferate smart cities and 5G IoT solutions

Posted on: January 21, 2022

18 Jan, 2022 – Cybertrust Japan Co., Ltd., SB Technology Corp., and Qualcomm Technologies, Inc., announced they intend to collaborate to support the deployment of smart solutions through the Qualcomm IoT Services Suite offering to help businesses and entities looking to adopt and integrate smart solutions initially in Japan, with intent to expand globally in

Read more