The Home of IoT Security Best Practice and Next Practice

Raising the bar on digital safety and security

We are the Super Blue Team, and we’re here to help. The Internet of Things Security Foundation (IoTSF) is a not-for-profit, global membership association working to make the connected world ever-more secure. We are an international response to the complex challenges posed by cybersecurity in the expansive hyper-connected world of IoT. By collaborating on cyber protection, we can raise the quality bar for secure IoT. Working with our members, we like to think of ourselves as the super blue team of defenders and a natural home for IoT users, technology providers, standards and policy makers.

In diversity we have strength. We each have a valuable role in keeping the digital world secure. Our stakeholders include IoT hardware and software product vendors, network operators, system specifiers, integrators, distributors, retailers, insurers, local authorities, academic institutions, government agencies security professionals, researchers and risk managers – anybody with an interest in cyber safety, security and privacy.

Join The Mission

Security is a team sport: by working together we can build safer and defend better – we are stronger.
Becoming a member is a solid investment for you and your business – it shows you care; we invite you to come and join the super blue team.

The Importance of IoT

$ The economic impact of the Internet of Things will be measured in $trillions.
∑ The number of connected devices will be measured in billions.
∞ The resultant benefits of a connected society are significant, disruptive and transformative.

IoT Needs to be Secure

Yet along with the many societal, environmental and economic benefits, the rapidly-expanding connected world, represents a growing attack surface for adversaries of all denominations to exploit. Everyday vulnerabilities in IoT are being used for malicious intent – yet the vast majority of them can be prevented simply and cost-effectively.

Enter IoTSF: We’re here to help make it safe to connect so the many benefits of IoT can be realized. Through a dedicated program of guidance, reports, events, training, standards, advocacy and so much more, we represent a collaborative international response to the wicked challenge of IoT insecurity.

Best Practice: Be sure to explore the rich content on this site including Reports and Best Practice Guides (Publications from the navigation bar), Conference Talks (Knowledge Resources from the navigation bar) and see our Working Groups (Activity from the navigation bar).

Next Practice: Routers and Gateways have a unique position when it comes to defence. See our ManySecured Project to see how we’re developing collaborative AI to provide Cognitive Security.

Security Best Practice – Why & How?

Why do we need IoT security best practice? What is it and how can the IoT Security Foundation help? These questions – and more – are answered in this short presentation from one of our members.

The IoT Security Assurance Framework

The IoT Security Assurance Framework is a practical resource that helps IoT vendors provide fit-for-purpose security in their products and services. It is a guide and expert reference which will lead you through a risk management process to determine your security objectives. IoTSF members can also download a free configurable tool which assists in the compliance and self-certification process.

The latest version of the Framework can be downloaded for FREE from the Publications Page

IoT Security Self Certification

Want to self certify against our IoT Security Assurance Framework and use the Best Practice User Mark?

You can – it’s free and simple – take a look at the FAQ HERE

Featured Talks

Conference 2021:

Standards, Regulation, Vulnerability Disclosure & Labelling Schemes

Moderator: Roger Shepherd, Chipless

Participants: Jen Ellis, Rapid 7; David Rogers, Copper Horse; Laurie Mercer, HackerOne; James Skuse, GSMA

Please hit the like button and subscribe to our YouTube channel – you can also find more insightful talks and links from expert speakers under the Knowledge Resources navigation tab.

Consumer IoT, best practices and regulation: The “Consumer IoT Security Quick Guides” help global organisations better understand and comply with new international standards, regulations and national guidance on consumer IoT security. See the short videos for a quick overview and go to our consumer IoT page to download the guides and see the on-demand webinars.

No Universal Default Passwords

Keeping Software Security Updated

Vulnerability Reporting and Disclosure Policy

NEW: IoT Cybersecurity for Facilities Professionals in the Smart Built Environment

Click to download the best practice guide

NEW: The Use of Software Bills of Materials for IoT and OT Devices

Click to find out more and download the white paper

New Report: Consumer IoT Security 2023

Read More...

Atsign Named IoT Security Champion Award Winner 2022

Read More

Promote IoT Security in Your Area - it's as simple as 1 2 3

Start An IoTSF Chapter

Securing The Internet of Things Supply Chain Report

Free Download

IoT Security Assurance Framework Release 3.0

FREE DOWNLOAD

IoTSF's Vulnerability Disclosure Best Practice Guide

Download FREE guide here

Router and IoT Vulnerabilities: Insecure by Design

Download our Whitepaper

Consumer IoT: New Standards and Regulation

Download our Quick Guides