Working groups tackle IoT security — GCN
- Working groups tackle IoT security
- Matt Leonard is a reporter/producer at GCN.
- Four working groups — made up of individuals from both private and public sectors – were formed in October 2016 to identify how improve the security of the IoT through upgradability and patching.
- In August, the agency announced that it would look specifically at IoT security upgradability and patching.
- Incentives, Barriers, and Adoption will release a taxonomy to describe the scope of incentives and barriers to IoT security.
National Telecommunications and Information Administration’s working groups made initial presentations on securing the internet of things.
@mikedayton: So many #IoT #Security “working groups”, so little actual #Cybersecurity
On Oct. 21, many popular websites fell victim to a distributed denial of service attack on DNS provider Dyn that was caused by the Mirai malware infecting unsecured Linux devices and turning them into bots for large-scale network attacks. While this event might have brought the issue of unsecured internet-of-things devices to the attention of a wide audience, such vulnerabilities were already a topic of discussion in cybersecurity circles.
In March 2015, the National Telecommunications and Information Administration issued a request for comments to ‘‘identify substantive cybersecurity issues … where broad consensus, coordinated action, and the development of best practices could substantially improve security for organizations and consumers.” Responses pointed to potential cybersecurity policies and practices related to IoT.
Then, in April 2016, NTIA asked for comments on the “benefits, challenges, and potential roles” for government in fostering the IoT. In August, the agency announced that it would look specifically at IoT security upgradability and patching.
Four working groups — made up of individuals from both private and public sectors – were formed in October 2016 to identify how improve the security of the IoT through upgradability and patching. The working groups gave presentations on Jan. 31.
Existing Standards, Tools and Initiatives will provide a catalog of existing IoT security standards and a research summary for internal use.
Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.