IoT standards groups are emerging to address issues of inter operability, communication protocols and security.
Consumer Reports will begin considering the cybersecurity and privacy safeguards of products when rating them – a long overdue move perhaps, given Internet of Things device manufacturers have previously been accused of doing the barest minimum to protect consumers.
The firm will steadily implement the methodologies across its reviews, starting with test projects evaluating a small number of products. The move follows a surge in cyberattacks which have exploited vulnerabilities in Internet of Things devices such as webcams, routers, digital video recorders and other connected devices.
At the end of the day, if security standards for IoT devices are to be useful, standard groups must help the average consumer evaluate the security of an IoT device. As these standards are being developed, they should maintain focus on this end goal.
Achieving this will undoubtedly take time, but it is, in my mind, the only true measure of success. IoT security standards must aim to serve as the cyber equivalent of an Underwriters Laboratories (UL) or CE safety ratings.
Standards groups should strive to create an IoT Security Standard (ISS) that is measurable and defines a minimum standard of security for devices. Consumers can trust that devices that are ISS rated provide a reasonable or acceptable level of security for common use.
