Internet of Things Security Landscape Study
First week of October 2019 the Internet of Things (IoT) Security Landscape Study was launched at ministerial level simultaneously at the Singapore International Cyber Week and at the One Conference in the Hague.
The Study identifies and discusses 11 interdependent IoT security challenges, and presents findings and recommendations based on analysis of the current technological and policy landscape. The rapid proliferation of IoT leads to an extremely complex ecosystem, which creates vulnerabilities that can be exploited by individuals or groups with malicious intent. The Study therefore aims to encourage Governments, industry bodies and vendors of IoT products and services to adopt the recommended security initiatives to address the challenge areas, drive standards and seed innovations to create a safe and secure IoT cyberspace.
Actionable recommendations of the Study
The Study of the IoT Security Landscape resulted in three concrete recommendations:
- Evaluation and certification of IoT devices in order to provide assured security baselines for a wide variety of devices. A globally aligned approach with government involvement is necessary.
- Monitoring and supply chain security along with global intelligence sharing for cybersecurity and trust at component level.
- Hardware security and trusted device identities, focusing on the security of different root-of-trust implementations and their suitability for different device types, including research on the use of alternatives such as PUFs for low-cost IoT devices.
Cooperation of the Study
The IoT Security Landscape Study was commissioned under the ambit of the Memorandum of Understanding between CSA and National Cyber Security Centre (NCSC) of the Netherlands, and supported by the Ministry of Economic Affairs and Climate Policy (MEAC) of the Netherlands. Singapore and the Netherlands jointly appointed TNO to study the IoT challenge.