Major Tech Brands Form Alliance For IoT Device Security

Securing the Internet of Things continues to be top-of-mind for major brands, as another alliance was just formed to tackle IoT security.

The IoT Cybersecurity Alliance, which plans to research and advocate for industry best-practices for IoT security, is a new collaboration between IBM, Nokia, Symantec, Palo Alto Networks, Trustonic and AT&T.

"The explosive growth in the number of IoT devices is only expected to continue and so must the associated cybersecurity protections," stated Mo Katibeh, senior vice president of advanced solutions at AT&T.

"Today's businesses are connecting devices ranging from robots on factory floors to pacemakers and refrigerators,” he said. “Helping these organizations stay protected requires innovation across the whole IoT ecosystem to enable sustainable growth.”

The alliance plans to approach IoT security from an ecosystem-wide perspective, with a focus on building security into every layer of that environment, including hardware and software in devices and the cloud.

Here are the four goals of the IoT Cybersecurity Alliance:

  • Research and collaborate on security challenges across all IoT markets
  • Dissect and solve IoT security problems at every critical layer
  • Make security easy to access across the ecosystem
  • Influence security standards and policies

Fundamentally, the alliance says the ultimate solution for IoT security is to secure every possible entry point within the Internet of Things and also to leverage threat analytics to determine potential vulnerabilities.

Over the course of the last three years, the number of attackers scanning for security vulnerabilities in IoT devices has increased more than 3,000%, according to AT&T.

The alliance also calls for security to be built directly into IoT devices and to remain always on by default, which is a recommendation shared by other IoT-related groups and alliances.

For example, the U.S. Department of Homeland Security’s set of IoT security principles calls for device makers to enable security by default and require additional action to disable security features, as the IoT Daily reported at the time (U.S. Issues Guidelines For IoT Security).

The ecosystem-wide approach to IoT security seems to be shared in another alliance’s IoT security principles as well. The Smart Card Alliance recently released its IoT security guidelines, which are modeled after the highest level of government security and focus specifically on security throughout the entire IoT product lifecycle (Another Set Of IoT Security Principles Introduced).

"Be it a connected car, pacemaker or coffee maker, every connected device is a potential new entry point for cyberattacks," said Bill O’Hern, chief security officer at AT&T.

"Yet, each device requires very different security considerations,” he said. “It's become essential for industry leaders and innovators, like those in the founding members of this alliance, to work together to help the industry find more holistic security approaches for IoT.

If the industry as a whole fails to adequately address IoT security, the FCC has said it plans to take action (Now FCC Stepping In On IoT Regulations).

Next story loading loading..