Security News > 2020 > November > Guide: Security measures for IoT product development
As organisations cannot always control the security measures of their supply chain partners, IoT supply chains have become a weak link for cybersecurity.
"Securing the supply chain of ICT products and services should be a prerequisite for their further adoption particularly for critical infrastructure and services. Only then can we reap the benefits associated with their widespread deployment, as it happens with IoT," said Juhan Lepassaar, Executive Director, ENISA. In the context of the development of the guidelines, ENISA has conducted a survey that identifies the existence of untrusted third-party components and vendors, and the vulnerability management of third-party components as the two main threats to the IoT supply chain.
As in most cases pre-prepared products are used to build up an IoT solution, introducing the concept of security by design and security by default is a fundamental building block to protect this emerging technology.
The agency has worked with IoT experts to create specific security guidelines for the whole lifespan of IoT devices.
These guidelines to help tackle the complexity of IoT focus on bringing together the key actors in the supply chain to adopt a comprehensive approach to security, leverage existing standards and implement security by design principles.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/hIaB1q7_XaY/