The Internet of Things Security Foundation (IoTSF) ManySecured Special Interest Group (SIG) is working to outline high level solutions to a design flaw/problem that affects millions of IoT devices and standard Internet routers. We are also encouraging the development of working prototypes of potential solutions that can be tested for scale and usability. February
When it comes to IoT attacks and malware, there is a perceptible pattern in which most intrusions manifest. It is good practice to study such patterns and draw conclusions so that we may extrapolate to future attacks.
November 4th, 2021: New Report on Industry Adoption of Vulnerability Disclosure Practice Published. The IoT Security Foundation has published its 4th report which examines the practice of vulnerability disclosure in Consumer IoT - with an extension into enterprise and the B2B model. The report is seen as a cybersecurity progress barometer of the sector
When directed to manage an IoT device or router using a browser, passwords and all communications are typically passed over an unencrypted connection. This is a security vulnerability which needs attention.
The IoT landscape is notoriously under-secured. In the rush to meet demand for online products, services and infrastructure, many manufacturers have adopted a ‘connect first, think later’ strategy where security has been an afterthought. This has resulted in years of serious security and privacy breaches.
This is a guest blog authored by Eric Greenwald, General Counsel at Finite State, and Matt Wyckhouse, Founder and CEO at Finite State.
Today, UK's Department for Digital, Culture, Media and Sport (DCMS) published its response to the Secure by Design call for views in its quest to change the law to make ‘smart’ products - like televisions, cameras and household appliances that connect to the Internet - more secure for consumers to use.
Now in its third year, IoTSF's latest research report on Consumer Vulnerability Disclosure continues to shine a light on the poor performance of industry on the basic practice of vulnerability disclosure. Whilst incremental gains have been made, they are small and not worthy of celebration.
With the numerous advancements in technology today, we now have capabilities that, just a few decades ago, would have likely been thought impossible. It’s easier than ever to access the internet, video chat, call, and text from almost anywhere.
The IoT Security Foundation and Institute of Workplace and Facilities Management offer guidance on securing Building Management Systems and Internet of Things systems.