Information Security Forum Analyzes the Security Implications of the Internet of Things (IoT)
By: Information Security Forum
In an effort to support global organizations, the ISF today announced the release of Securing the IoT: Taming the Connected World, the organizations latest digest which helps security professionals better understand the security implications of the IoT. Based on external and ISF member research, this paper explores:
• Definitions of the IoT
• Technical characteristics
• Fundamental security issues
• Emerging security practice
• Legal and regulatory landscapes
"The IoT has become a reality and is already embedded in industrial and consumer environments. It will further develop and become an essential component of not just modern life, but critical services," said Steve Durbin, Managing Director, ISF. "Still, at the moment, it is inherently vulnerable, often neglects fundamental security principles and is a tempting attack target. This needs to change."
The IoT is often perceived as new and cutting edge, but similar technology has been around since the last century. What has changed is the ubiquity of high-speed, low-cost communication networks, and a reduction in the cost of compute and storage. Combined with a societal fascination with technology, this has resulted in an expanding market opportunity for IoT devices, which may be broadly split into two categories: consumer and industrial IoT.
"It's important that information security functions take a proactive approach to this potentially poorly secured world and ensure that the IoT does not represent a weak spot in organizational defenses," continued Durbin. "Enterprises with the appropriate expertise, leadership, policy and strategy in place will be agile enough to respond to the inevitable security lapses. Those who do not closely monitor the continued growth of the IoT may find themselves on the outside looking in."
Securing the IoT: Taming the Connected World is available now to ISF Member companies via the ISF website (http://www.securityforum.org).
About the Information Security Forum
Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. The ISF is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members. For more information on ISF membership, please visit https://www.securityforum.org/