Router and IoT Device Vulnerabilities: Solutions to a Design Flaw
The Internet of Things Security Foundation (IoTSF) ManySecured Special Interest Group (SIG) is working to outline high level solutions to a design flaw/problem that affects millions of IoT devices and standard Internet routers. We
Global cybersecurity leaders call on manufacturers to provision basic security features
February 15th 2022 Today, IoTSF joins forces with global cybersecurity leaders in calling on device manufacturers and vendors to take immediate action on basic security provisions. We fully support the aims of the Consumer
EXPLIoT Named IoT Security Champion Award Winner 2021
Pictured (left to right): Tom White Paratus People, Jenny Devoy IoTSF, John Moor IoTSF & Piers Linney, Guest Speaker EXPLIoT has been announced as the 2021 IoT Security Champion of the Year by
Genetics of a Modern IoT Attack
When it comes to IoT attacks and malware, there is a perceptible pattern in which most intrusions manifest. It is good practice to study such patterns and draw conclusions so that we may extrapolate to future attacks.
Release 3.0 of the IoT Security Assurance Framework Announced
Business ready: extends use into supply chain and aligns with more security standards November 17th, 2021 The IoT Security Foundation today announced the availability of Release 3.0 of it's ever-popular IoT Security Assurance Framework.
Shortlist Announced for the IoT Security Champion Award 2021
We are delighted to announce the finalists for the 3rd IoT Security Foundation Champion Award. This award seeks to celebrate organisations which demonstrate stewardship when it comes to IoT security.
Consumer IoT sector – basic cybersecurity hygiene practice still not happening
November 4th, 2021: New Report on Industry Adoption of Vulnerability Disclosure Practice Published. The IoT Security Foundation has published its 4th report which examines the practice of vulnerability disclosure in Consumer IoT - with
Major Update Released for IoTSF’s Vulnerability Disclosure Best Practice Guide
We’re delighted to announce Release 2 of our popular best practice guide on Vulnerability Disclosure Best Practice. This is an essential element of cybersecurity hygiene and was one of the first
Are we there yet?
When it comes to securing the Internet of Things “IoT”, the world cannot afford insanity, expecting different results from the same traditional ICT “cybersecurity”. No one can afford this.
Router and IoT Vulnerabilities: Insecure by Design
When directed to manage an IoT device or router using a browser, passwords and all communications are typically passed over an unencrypted connection. This is a security vulnerability which needs attention.
IoTSF Announces Sarb Sembhi Joins Executive Steering Board
August 2nd 2021 The IoT Security Foundation announced today that Sarb Sembhi, CTO of Virtually Informed, has joined its Executive Steering Board (ESB). Sarb has been a cybersecurity professional for over 20 years and
IoTSF Champion Award is Back in 2021 and Open for Applications
We're delighted to announce that applications for the prestigious IoT Security Foundation's Champion Award are now open and we're inviting you to apply.
TREs and the IoT – Enabling a Trusted Connected Future
The IoT landscape is notoriously under-secured. In the rush to meet demand for online products, services and infrastructure, many manufacturers have adopted a ‘connect first, think later’ strategy where security has been an afterthought. This has resulted in years of serious security and privacy breaches.
CALL FOR PAPERS LAUNCHED: IoTSF Virtual Conference 2021
2020 presented us with an opportunity to deliver a virtual IoTSF conference to an international audience of members and stakeholders, this was so well received that we will deliver the 2021 conference virtually to bring the conference to you - wherever you are in the world.
President Biden’s Executive Order on Improving U.S. Cybersecurity
This is a guest blog authored by Eric Greenwald, General Counsel at Finite State, and Matt Wyckhouse, Founder and CEO at Finite State.
UK Government Update on Plans for Consumer IoT Security Regulation
Today, UK's Department for Digital, Culture, Media and Sport (DCMS) published its response to the Secure by Design call for views in its quest to change the law to make ‘smart’ products - like televisions, cameras and household appliances that connect to the Internet - more secure for consumers to use.
IoTSF ManySecured Special Interest Group
With the support of the ManySecured project partners, the IoT Security Foundation has created a Special Interest Group (SIG) to facilitate Interoperable Security through Collaboration with stakeholders in the IoT ecosystem value chain.
Introducing Crypto Quantique
As a new member of the IoT Security Foundation, we asked the CEO of Crypto Quantique, Dr Shahram Mossayebi, to tell us how they are offering silicon vendors a unique hardware IP solution and complementary software platform to solve a number of security challenges including scalability, identity and cost.
The IoT Security Foundation and FIDO Alliance Announce Collaboration to Eliminate Passwords in IoT
Today, the IoT Security Foundation (IoTSF) and FIDO Alliance announced that they are collaborating to improve the status of IoT security.
Expanding the view of consumer vulnerability disclosure practice
Now in its third year, IoTSF's latest research report on Consumer Vulnerability Disclosure continues to shine a light on the poor performance of industry on the basic practice of vulnerability disclosure. Whilst incremental gains have been made, they are small and not worthy of celebration.
IoT Security Foundation launches co-ordinated vulnerability disclosure platform for IoT industry
An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.