While IoT devices are often small, embd systems, the IoT is closely ti to the cloud because IoT devices use cloud services. “Whether it’s voice-controll assistants or talking Barbie dolls, they all interact with services in the cloud,” says Brian Russell, chair of the CSA IoT Working Group and chief engineer of Leidos’ Cyber Security Solutions. “While the CSA has well-develop cloud security guidance, including the Cloud Controls Matrix (CCM) and other guidelines, we realiz that unless the IoT products themselves are secure, the threats of compromise will persist.”
According to Russell
the IoT can be thought of as a “system of systems,” in which many components work together to make a service work. In such a scenario, the security of the system is only as secure as its weakest link.
“Unfortunately, IoT Cloud Security Alliance product manufacturers often have a hard time ensuring their products are secure because they haven’t had to do any engineering in this area before,” Russell said.
The lack of vendor Cloud Security macedonia whatsapp data Alliance expertise in security is compound by a shortage of skill security engineers to help IoT vendors. Russell add that developers ne a set of best practices to guide their product development lifecycle, and the new CSA guidelines are design to fill that gap.
As part of this report, the CSA outlin a methodology for secure IoT development that will be somewhat familiar to engineers who have been working on cloud and mobile security in recent years.
“IoT security has a lot in common
With similar issues in cloud and mobile, and lessons learn apply,” said John Yeo, senior research analyst at CSA.
But while there cloud Como integrar o marketing digital e o marketing tradicional Security Alliance are many similarities to existing security applications, IoT has its own unique elements, such as the ne to understand the role ao lists of a device’s hardware in its security or in the creation of vulnerabilities, Russell explain. IoT also differs somewhat from some other technology areas in that it often focuses on autonomous interactions between different types of products.