Informs IoT community on the status of international regulatory landscape

Release Date: November 22nd, 2018

The IoT Security Foundation (IoTSF) has published a new, free to download report today titled: “IoT Cybersecurity: Regulation Ready”. It is aimed at businesses that produce and use IoT systems as there ‘is a veritable minefield’ of regulatory issues that exist. Legal sanctions are highlighted, some of which may only become apparent when something goes wrong. Examples are given as to how regulators have already taken action against IoT providers using existing laws.

Readers are reminded that ‘security is a journey and not a destination’ and the landscape will change over time. Further regulation in the IoT ecosystem is regarded as being highly likely despite caution being applied by many governments who do not want to negatively impact innovation and the benefits of new products and services.

The report encourages industry to adopt a security mind-set and identifies 24 organisational and technical tools and resources that companies can adopt that exist today to help them become regulation-ready. In conclusion, to enable market adoption and mitigate risks, the report urges the IoT industry not only to be proactive, but also clearly communicate the measures it is taking to increase market confidence.

John Moor, Managing Director IoTSF, said “the regulatory landscape can be confusing and daunting for many, especially as there is no obvious and single regulation that covers IoT security. Gaps in knowledge exist among some of our members, their customers and the wider IoT community. As a result we have commissioned this report to help improve the situation and spark dialogue. We have been especially interested to highlight the relevant regulation that is currently in place, and also what is likely to come. The best way to protect a business in times of change is to position it favourably, hence we are urging industry to be proactive, take steps to mitigate and manage risk, and, most importantly adopt a security mind set.”

The report has been published in two versions; a ‘concise version’ (white cover) for time pressed executives, and a more detailed ‘full version’ (red cover) for professionals who need greater depth. It covers 15 policies, across five market regions of the European Union (EU), the United States of America (USA), the United Kingdom (UK), Australia and Singapore.

Both versions of the report can be downloaded for free from the IoT Security Foundation website at:

The Concise Version of the report has a white cover – click the image to download

The Full Version of the report has a red cover – click the image to download