A consortium of leading tech firms including BT and Vodafone have joined forces to create the Internet of Things Security Foundation (IoTSF), designed to ensure the security of IoT devices and respond to rising cyber threats. You may have missed the news as it does not seem to be super exiting; I can hear you say “yes one more time another industry body is being created, so what!”. However the important thing here, is that the foundation includes big names such as BT or Vodafone and that it is about the Internet of Things, one more proof that not only the IoT is here to stay, but that it is big and will get bigger and bigger.
The foundation, which has been set up as a non-profit body, also includes members such as Imagination Technologies, Royal Holloway University of London, Copper Horse Solutions, Secure Thingz, NMI and PenTest Partners as founding members, which make me think that it is mainly UK focused. Well I need to watch its coming activities to confirm or not. In the meantime, its mission and goals seem pretty clear:
The IoT Security Foundation has been established to respond to the many challenges and concerns over security:
- It is a non-profit organization dedicated to driving security excellence.
- It is a collaborative, vendor-neutral, international initiative which aspires to be the expert resource for sharing knowledge, best practice and advice.
- It is an interactive resource led by an executive steering board.
- It has an on-going program designed to propagate good security practice, increase adopter knowledge and raise user confidence.
So yes, they want to address security issues and concerns in the IoT space. Security is also one of the reasons why the Industrial Internet Consortium was created in 2014. Not surprisingly, amongst its goals we can find “build confidence around new and innovating approaches to security”.
Both associations seem to agree that as more and more devices will be connected (e.g. cars, home automation, NFC smartphone, etc…) this should multiply the number of potential entries for a network intrusion.
The IIConsortium focuses more on the Industrial space with the objective to accelerate the adoption of Internet-connected technologies across industries while the IoT Security Foundation seems to focus more on a consumer space, they both share the same interest, concerns about security and how to respond and tackle cyber threats. Their members are major actors in the IT industry, so why don’t they work together?