The $6trn importance of security standards and regulation in the IoT era

Digital encrypted Lock with data multilayers. Internet Security

We live in an era of digital transformation where more and more devices are connecting to bring new and innovative levels of service and efficiency. This transformation spans across all markets and the rate of progress is breath-taking, says David Maidment, director, secure device ecosystem at Arm.

This change brings huge benefits, but it also brings threats in the shape of an expanding cybercrime footprint. Every connected device is a hack potential. Rather than attacking traditional IT equipment, the cybercrime threats start to move to all aspects of our lives.

$6 trillion (€5.37 trillion) cybercrime

It is predicted that by 2021 there will already be US$6 trillion (€5.37 trillion) of cybercrime damage (Source: Cybersecurity Ventures Official Annual Cybercrime Report), which is a staggering number pinned against financial loss for businesses, without considering the damage to reputation and other harder-to-measure statistics.

When you pair this with an estimated average of 5,400 attacks on Internet of Things (IoT) devices every month (Symantec Internet Security Threat Report 2019) it’s clear to see why security standards have been rapidly evolving in the last 12 months. The cost of inaction is huge and ignoring security requirements isn’t an option. Governments, businesses and consumers across the world are starting to pay attention to this and look to the electronics industry for solutions.

As 5G connectivity expands, and we move towards a world of a trillion connected devices, government and industrial bodies are looking to implement preventative measures to protect against security vulnerabilities. It is now fundamental that every device is being designed securely from the outset and business processes have security in mind. Whether you have already embraced IoT, you’re exploring implementing it into your business, or you’re building the devices that will power this movement, there are crucial steps you should be taking to build assurance with customers, while also protecting your finances and brand.

 Security laws and standards

A number of governments have taken action to protect businesses and consumers, with laws and standards in place such as ETSI 303 645 (Cyber Security for Consumer Internet of Things)California State Law (SB-327) and NISTIR 8259 (Core Cybersecurity Feature Baseline for Securable IoT Devices). All of these provide guidance on how devices should be protected, from good password practice, all the way down to cryptography, audit logging and other security protocols.

This means that industries that have historically been unregulated are moving towards more self-regulation, which in turn is slowly becoming law. If you’re naive to these standards and are creating, or deploying, insecure devices into your business, you could find that the devices are pulled from operation hindering the way your business is running, but also cutting the revenue streams you depend on.

How can you protect your business?

With all this in mind, how can you successfully navigate the regulations that may impose rules for your business in the future? First and foremost, you should follow advice from a trusted source. All the regulations coming to market use different wording, have slightly different requirements and guidance. You’ll need an approach that is scalable and understandable, especially if you’re a worldwide business that works in multiple markets.

David Maidment

This is where many experts agree that a common framework of security best practice is really important, offering technical support to companies, but also a common language that everyone can understand and execute against. Independent schemes are already available and seeing fast adoption, such as PSA Certified which is being recommended by government guidelines, including the National Institute of Standards and Technology in the US.

It offers a framework to secure devices and an assurance scheme to check it’s being implemented correctly. A key element of what is offered is a mapping across key standards in various geographical locations. This gives you a checklist to implement security against if you’re creating devices, or to be looking out for when you’re procuring devices for your company.

Adopt a security framework

Whatever your approach, it’s critical that a framework for security best practice is adopted in your business and that security is never forgotten. Security isn’t a ‘one-and-done’ endeavour and companies must stay vigilant as the threat landscape continues to change. It’s positive to see security standards and regulations already in place, but for the IoT to really take off, we need to combat the lack of security validation of IoT devices and ensure trust is built in at the heart.

The author is David Maidment, director, secure device ecosystem at Arm.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


FlorLink’s SmartHub solution connects to cloud using Sequans Monarch cellular IoT connectivity tech

Posted on: December 7, 2022

6 December 2022 – Sequans Communications S.A., a provider of cellular IoT chips and modules, and FlorLink, IoT technology and solutions provider, collaborated on FlorLink’s new SmartHub retail solution, which is now connected to the cloud by Sequans Monarch cellular IoT connectivity technology. SmartHub includes a large suite of sensors that can monitor multiple sales

Read more

PLVision launches SONiC Core to help organisations with faster network disaggregation

Posted on: December 7, 2022

1 December 2022 – PLVision, a custom software product development company focused on open networking systems has announced the launch of its SONiC Core initiative aimed at extending the reach of Community SONiC to drive its adoption in new, demanding markets. PLVision’s initiative will help simplify and speed up SONiC deployments and SONiC-based product development.

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more