We've run across a resource worth sharing, and it's a really informative IoT security map and security mapping tool.
The Internet of Things is like the Wild Wild West right now.
Manufacturers are racing IoT devices to market based on features, often with little or no consideration for cybersecurity.
Consumers and organizations purchasing these internet-connected devices are then forced to bolt on security—if it is possible, and if they have the necessary skills to do so.
How big is the IoT security challenge, and how can manufacturers improve Internet of Things device security?
Mapping IoT security risk
That's where the UK's Code of Practice for Consumer IoT Security comes in, along with a related IoT mapping tool, which you can access here. The story behind it is here:
The IoT world is currently heavily fragmented. Our intent was to understand how well existing recommendations and standards in the IoT security space map to the published Code of Practice from the UK government. This will help vendors and other stakeholders in the IoT ecosystem to understand how everything fits together. This will reduce time and effort significantly for many who need to answer questions about what is available around the world and also ultimately help to reduce fragmentation in the standards and recommendations space.
The IoT security mapping tool covers the following topics, among many others:
- No default passwords in the IoT
- Implementing a vulnerability disclosure policy for the IoT
- How IoT devices should securely store credentials and sensitive data
- Minimizing exposed attack surfaces in the IoT
And when it comes to attack surfaces in the IoT and reducing them, here is how things fit together. You can click to be taken to the live IoT map:
At SecureWorld, our main mission is helping security leaders to grow and improve, mainly through 17 cybersecurity conferences our team facilities across North America, along with web conference trainings.
And we also publish resources for cybersecurity professionals and frequent interviews with leaders on our YouTube channel.
We hope all this activity will help make the world more cybersecure.
