With a recent release, the Agelight Advisory Group, working with leaders in the public and private sectors, has released its IoT Safety & Trust Architecture and Risk Assessment Toolkit (ISTA). The goal of the ISTA is to help the market deliver on the promise of Internet of Things (IoT) by enhancing device security, safety and privacy practices, the group said.
As the IoT evolves and grows, it has huge potential for transformation and huge risk of exploitation if there are insufficient security, safety and privacy measures in place. The ISTA was designed to address these risks by harmonizing global efforts and providing a risk-assessment and scoring model to aid device manufacturers in their development efforts.
“The ISTA provides a blueprint to embrace security and privacy by design,” said Craig Spiezle, Managing Director, Agelight Advisory Group. “Organizations that adopt the ISTA can maximize user safety and peace of mind, while making security and privacy a part of their brand promise.”
The ISTA takes a pragmatic view based on a weighted scoring model that incorporates six core issues impacting developers today. Scoring criteria includes:
- The impact to the user
- The impact to the ecosystem and society at large
- Financial and performance impact
- Hazardization, physical and life safety risks
- Development costs and impact to market timing
- Regulatory and liability risk
“Developers and device manufacturers are overwhelmed with the challenges of delivering IoT-ready products that are safe, secure and private, both when they ship and throughout their lifecycle,” said Darron Antill, CEO, Device Authority. “The ISTA provides an actionable blueprint for the industry to realize the promise of IoT.”
Developed through a multi-stakeholder process, the ISTA reviewed more than 300 recommendations and incorporates many practices advocated by the U.S. Federal Trade Commission (FTC), the EU General Data Protection Regulation (GDPR), the EU Agency for Network and Information Security (ENISA), the U.K. government, the U.S. Consumer Products Safety Commission (CPSC), the U.S. Department of Commerce, the National Telecommunication and Information Administration (NTIA), and the National Institute of Standards and Technology (NIST).
“As a global organization working to advance smart home and building automation, we continually hear about the complexity of the security, safety and privacy landscape,” said Ronald J. Zimmer, president and CEO, CABA. “Agelight’s work harmonizing best practices, standards and regulations is a significant step forward in assisting industry stakeholders. While there is no perfect security or privacy solution, the ISTA provides a common-sense approach toward creating more secure, sustainable and private smart devices for home, work and play.”
The ISTA incorporated many practices advocated by ACT - The App Association, Consumer Reports, Center for Democracy & Technology, Continental Automated Buildings Association, the Internet Society, Niskanen Center, Online Trust and Integrity Council and Underwriters Laboratory, in addition to efforts supported by Device Authority, Microsoft, SecurityScorecard and Symantec.
At the upcoming Industrial IoT Conference and The Smart City Event, both taking place at the Cobb Galleria in Atlanta, Georgia, IoT Evolution and its guests will tackle these issues of trust and security in the IoT in great detail. To join the discussion and take home valuable lessons, register now for The IIoT Conference and The Smart City Event.
Ken Briodagh is a writer and editor with more than a decade of experience under his belt. He is in love with technology and if he had his druthers would beta test everything from shoe phones to flying cars.
Edited by Ken Briodagh
BACK TO Industrial IoT Evolution