TMCnet News
CSA Launches New Security Guidance for Early Adopters of the IoTSAN FRANCISCO, April 20, 2015 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA) today unveiled a new guidance report titled, New Security Guidance for Early Adopters of the IoT, aimed at helping early adopters understand the security challenges surrounding the Internet of Things (IoT), and providing recommended security controls and sample use-cases for organizations implementing IoT capabilities. These controls have been tailored to IoT-specific characteristics to allow early adopters to mitigate many of the risks associated with this new technology. The IoT provides new and enhanced capabilities across diverse industries and enterprise functions, as well as unique security challenges associated with each market segment, use case and vendor community. However, sufficient research into the vulnerabilities associated with the IoT, and best practices for securely developing, deploying, trusting and maintaining IoT components has not yet been conducted. "Traditional security mechanisms such as secure software development and security controls engineering, common vulnerability and exploit (CVE) discovery and reporting, vulnerability management, and field upgrade and patching do not exist or are immature in most of the industries taking advantage of IoT platforms," said Luciano Santos, VP of Research and Member Services for the CSA. "Resarch is needed to allow organizations to design a trusted IoT ecosystem in their enterprise that securely utilizes the cloud for control and data connectivity. In the absence of this research, organizations will be forced to make substantial architectural decisions without sufficient data to understand the risks and identify appropriate mitigations." CSA is supporting the industry by decomposing the common devices types, markets and architectures of the IoT, and subsequently analyzing and recommending appropriate security mitigations across these commonalities. In future research in this area, CSA will associate each category with the appropriate cloud security standards, CCM controls, best practices and relevant governance. Research will help identify and document critical vulnerabilities associated with introduction of IoT in various enterprise environments and provide best practices for vulnerability mitigation. As part of its ongoing research, CSA will also provide developers with secure development guidance to ensure IoT components are designed securely from the start. Recommended security controls detailed in the report include:
The full report is freely available at https://downloads.cloudsecurityalliance.org/whitepapers/Security_Guidance_for_Early_Adopters_of_the_Internet_of_Things.pdf About Cloud Security Alliance Logo - http://photos.prnewswire.com/prnh/20130723/DC51526LOGO
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/csa-launches-new-security-guidance-for-early-adopters-of-the-iot-300067895.html SOURCE Cloud Security Alliance |