Make it Safe to Connect

Our mission is to help secure the Internet of Things and make it safe to connect.

In doing so we aim to:

  • Aid confident adoption of secure IoT solutions, enabling their technology benefits;
  • Influence the direction and scope of any future necessary regulation;
  • Influence IoT procurement requirements including by Governments;
  • Increase capacity and the levels of security expertise throughout the IoT sector; and
  • Deliver business value to our members by building an eminent, diverse and international IoT security network.

We will support our mission by:

  • Composing and maintaining a comprehensive Assurance Framework of recommended steps for creating secure IoT products and services;
  • Promoting the adoption of the Assurance Framework to IoT service and product providers, IoT system specifiers, purchasers, and policymakers;
  • Composing and promoting security best practice guidance;
  • Collaborating and supporting IoT product and service assurance programs that use the IoTSF Assurance Framework.

Build Secure, Buy Secure, Be Secure

Watch the video: An introduction to the IoT Security Foundation, presented at the 2015 inaugural conference.

Watch the video: Why does everything get hacked? A panel at Cloudflare’s Internet Summit 2018 with IoTSF and Abertay University.

About Us

The IoT Security Foundation was established to respond to the myriad of challenges and concerns over security:

  • It is a not-for-profit organisation dedicated to driving security excellence.
  • It is a collaborative, vendor-neutral, international initiative aspiring to be the expert resource for sharing knowledge, best practice and advice.
  • It is a member-driven, interactive resource led by an executive steering board.
  • It has an on-going programme designed to propagate good security practice, increase adopter knowledge and raise user confidence.


IoT’s great potential: As technology costs have fallen, the benefits of the Internet of Things across sectors such as consumer, domestic, retail, manufacturing, energy, transport, health and public infrastructure have become increasingly attractive and realisable. The economic opportunity for those diverse connected systems is often estimated in trillions of dollars and employing billions of devices. With the advent of IPv6, the number of available individual addresses is a staggering 340 trillion, trillion, trillion. The trend is clear; systems are increasingly embedded, connected, scalable and growing in complexity.

The economic impact of IoT will be measured in $trillions. The number of connected devices will be measured in billions. With IPv6, over 340, trillion, trillion, trillion addresses are available. The IoT opportunity is huge.

Along with the opportunity comes the security challenge: With more and more devices becoming connected, the attack surface for adversaries is target-rich. What is considered secure today may not be tomorrow.  A typical IoT system will rely on data and networks of variable provenance, Cloud_pngdevices may be expected to run on batteries for many years and new vulnerabilities are likely to be required to be patched in the field and at scale. Whilst we can learn lessons from the pc and mobile era’s, IoT systems are breaking new ground and so are the security challenges.

IoT security is top concern for executives. Along with the technical challenges, IoT security is on the board room agenda. With more than just reputations at stake, it is imperative that technology providers, system adopters and users work together to ensure security is fit-for-purpose. It is fundamental to the adoption of systems and reaping the social and business benefits.