This video is part of theTechXchange:Cybersecurity. You can also check out moreTechXchange Talksvideos.
TheWorld Economic Council on the Connected Worldrecently announced ajoint statement of support on consumer IoT device security. It included a list of five security “must haves” as a minimum requirement for consumer-facing IoT devices:
- Must not have universal default passwords.
- Must keep software updated.
- Must have secure communication.
- Must ensure that personal data is secure.
- Must implement a vulnerability disclosure policy.
The first four are ones that most developers would take for granted, but whether it's part of a corporate policy is another matter. Getting companies to pay attention to security concerns tends to be an ongoing struggle. Still, pronouncements like this can help elevate those efforts. TheETSIstandard 303-645, announced in 2020, also is part of the discussion.
I spoke with Haydn Povey, CEO of Secure Thingz, anIAR Systemscompany, about the announcement, what it means, and its impact(watch video above). IAR Systems and Secure Thingz issued ajoint statementsupporting the announcement.
Links
