The GSMA’s IoT Security Guidelines have been designed for all players in the IoT ecosystem including IoT service providers, IoT device manufacturers and developers. They will help service providers build secure services by outlining technologies and methods to address potential threats, as well as how to implement them. They also establish the need for risk assessment of all components of an IoT service to ensure they are designed to securely collect, store and exchange data and successfully mitigate cybersecurity attacks.
The project was supported by mobile operators AT&T, China Telecom, Etisalat, KDDI, NTT DOCOMO, Orange, Telefónica, Telenor and Verizon; and vendor and infrastructure partners 7Layers, Ericsson, Gemalto, Morpho, Telit and u-blox.
The GSMA recently completed a thorough industry consultation with academics, analysts and other industry experts to ensure that the Guidelines are as robust as possible.
“As billions of devices become connected in the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases,” said Alex Sinclair, chief technology officer at the GSMA. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed. A proven and robust approach to security will create trusted, reliable services that scale as the market grows.”
“There is a significant amount of evidence to suggest that cyberattacks are already happening in the burgeoning IoT space. If not handled appropriately, these attacks are likely to inhibit the growth and stability of the Internet of Things,” commented Don A. Bailey, founder and CEO of Lab Mouse Security. “It is imperative that the industry adopts a standard approach for dealing with security risks and mitigations, helping to ensure that the entire IoT ecosystem will not be subject to fraud, exposures of privacy, or attacks that affect human life."