SBOM and Memory Safety Software Bill of Materials (SBOM) are gaining momentum within the industry, largely due to the enactment of the “Executive Order on Improving the Nation’s Cybersecurity”[1]. This act will lay the foundations for formally publishing an “ingredient list” for software based products. This ingredient list is intended to provide transparency to
Digital Security by Design: Transforming Digital Technology for a Safer Future. The second day of CyberUK 2023 focused on the newly launched joint guide for Security by Design and Default by CISA and NCSC. The guide highlights the best practices for a secure hardware foundation, including fine-grained memory protection as provided by the CHERI
The Digital Security by Design Programme and the Secure Networking by Design Project: Part 1 CyberUK23, the UK's National Cyber Security Centre’s flagship event took place on 19 – 20 April in Belfast. I represented the IoT Security Foundation (IoTSF) together with the Secure Networking by Design team, Professor Andrew Martin (University of Oxford),
The National Cybersecurity Strategy 2023 was released by the White House on March 2nd and is a comprehensive plan to safeguard the nation's critical infrastructure and citizens from cyber threats. With the exponential growth of the Internet of Things (IoT), the strategy recognizes the urgent need to address IoT cybersecurity concerns. The IoT Security Foundation
The exciting new series of monthly Zoom webinars continue on Thursday 30th March. The topic will be Smart Built Environment Guidance for Facilities Professionals. Taking place on the final Thursday of every month throughout 2023, we’ll showcase the latest thought leadership on a range of topics so that you stay ahead of
The Secure Networking by Design project is part of the Digital Security by Design Challenge aimed at improving cybersecurity in today's digital landscape. It recognises the importance of continuous assurance processes in mitigating the risks of advanced attacks and evolving threat scenarios. Continuous assurance is a key component of the ManySecured® system, an open
SBOMs in the procurement and maintenance of connected devices Regulators in many domains have begun to look seriously at software vendors’ and operators’ management of supply chain risks. Recent software-related events have woken them up to modern software supply chains leaving connected systems highly vulnerable to attack, so they are making new rules. Vendors
New security legislation in the UK is being implemented in response to an ever-changing cybersecurity threat landscape within the telecoms sector. It is expected to have a positive ripple effect beyond the UK's shores as it shifts the sector toward stronger networks, more resilient to cyber-attacks. About the UK's Telecommunications (Security) Act The Telecommunications (Security)
Routers, Vulnerabilities and Attacks In recent years we've paid special attention to cyber-attacks which can be initiated remotely - from anywhere across the globe. This is because they can scale very easily and have impacts on specific targets, but can also wreak havoc with collateral damage on unintended victims. Of all the devices that
As we start the new year and move into 2023, there are some key developments at IoTSF that we’d like to keep you updated on – especially our support and participation in the Digital Security by Design challenge. But first, what is the Digital Security by Design challenge? The team at the University of
