Question 1

What is IoT Security?

Accepted Answer

IoT, or The Internet of Things, refers to the billions of physical devices worldwide that are now connected to the internet, collecting and sharing data. IoT Security is the effort to secure the clouds, applications and devices that make up the IoT ecosystem.

Question 2

What is an IoT Security assessment?

Accepted Answer

An IoT Security assessment is a test performed by an qualified assessor aimed at understanding the gaps in security in an IoT ecosystem. This often includes testing the three main components of any IoT ecosystem: the cloud, the application and the device.

Question 3

Why should I get an IoT assessment?

Accepted Answer

One or more of these drivers are the reasons you may need an IoT assessment:

• Regulation(s) – Many regulations now require organizations to assess the security of their IoT environments. The key here is knowing exactly how much (and how little) assessment you need to ensure you are “compliant”.

• Customer(s) – If your customers (or management or a regulator) need proof your environment is safe, you may have options regarding how you demonstrate that proof. It’s essential to know what form(s) of attestation will work best for you and your customers.

• Partner(s) – Cloud services like Alexa and Spotify are putting up walls and building moats around their cloud environments and requiring proof that you can leverage their services securely (often requiring that you comply with their particular requirements). If accessing third party cloud services to extend your product ecosystem is a must, so then is complying with its security demands.