The US National Cybersecurity Strategy

Tags: , , , |

The National Cybersecurity Strategy 2023 was released by the White House on March 2nd and is a comprehensive plan to safeguard the nation's critical infrastructure and citizens from cyber threats. With the exponential growth of the Internet of Things (IoT), the strategy recognizes the urgent need to address IoT cybersecurity concerns. The IoT Security Foundation

Continuous Assurance, Zero Trust Principles and the SNbD Digital Security by Design Challenge

Tags: , , , , , , , , |

The Secure Networking by Design project is part of the Digital Security by Design Challenge aimed at improving cybersecurity in today's digital landscape. It recognises the importance of continuous assurance processes in mitigating the risks of advanced attacks and evolving threat scenarios. Continuous assurance is a key component of the ManySecured® system, an open ecosystem

Major Update Released for IoTSF’s Vulnerability Disclosure Best Practice Guide

Tags: , , , , , , |

We’re delighted to announce Release 2 of our popular best practice guide on Vulnerability Disclosure Best Practice. This is an essential element of cybersecurity hygiene and was one of the first ever guides we published back in 2017 to support our mission to 'make it safe to connect'. So much has

Expanding the view of consumer vulnerability disclosure practice

Tags: , , , |

Now in its third year, IoTSF's latest research report on Consumer Vulnerability Disclosure continues to shine a light on the poor performance of industry on the basic practice of vulnerability disclosure. Whilst incremental gains have been made, they are small and not worthy of celebration.

Just 13% of Consumer IoT Firms Allow Vulnerability Reporting Despite Incoming Laws and International Standards

Tags: , , , , , , , , |

An analysis of 330 consumer IoT device manufacturers has revealed five of every six companies (86.7%, 286) don’t allow for vulnerability reporting. This would see them fall foul of new international standards and recently announced plans for a British IoT security law; as well as proposed Australian code of practice and recommendations from the US Dept of Homeland Security.