The IoT Security Foundation (IoTSF) is hosting its second Supply Chain Integrity Project meeting on Tuesday 12th May 09:30-13:00 BST. This virtual meeting will gather various supply chain stakeholders to discuss and establish the known security challenges within smart supply chains and analyse the priorities of this project.
Supply chains are increasingly recognised as a major vector for cyber-attacks. Highly notorious examples include Stuxnet and NotPetya. National security agencies including NIST (US), ENISA (EU), NCSC (UK) have begun developing recommendations for generic IT systems, but to date no organisation has released guidelines specifically developed for IoT. Supply chain security is also a real and present problem for device OEMs, who suffer billion in lost revenues through numerous abuses of their intellectual property, including counterfeiting, overproduction and IP theft.
Technologies and services to mitigate these problems exist, but the IoT industry is unable to evaluate them confidently.
The Supply Chain Integrity Project’s mission is to help IoT operators manage cyber risks to which they are exposed through their suppliers. By addressing the problem of delivering devices into deployments in a trustworthy initial state and maintaining their trustworthiness throughout their operational lifespans it supports the IoT Security Foundation’s mission to “Make it safe to connect”, and complements preceding work on securing deployed devices.
The project will gather information on IoT supply chains in order to build a representative model, security analysis of which will lead to a set of prioritised recommendations accessible to a wide audience beyond the security community. Participants will gain opportunities to show leadership through their contributions to the industry, and to gain a lead in their own product development.
This meeting is open to IoTSF members and non-members working within the smart supply chain, to register your place, email Angela Tansey
If you have any queries about this project, email firstname.lastname@example.org