Home Tags GUIDELINES

Tag: GUIDELINES

ENISA Baseline Security Recommendations for IoT
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Baseline Security Recommendations for IoT Published on: 20 November 2017 The study which is titled ‘Baseline Security Recommendations for Internet of Things in the context of critical information infrastructures’, aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.
IoTAA - Internet of Things Security Guidelines
Organization: IoT Alliance Australia (IoTAA) Reference: Internet of Things Security Guideline V1.2 Published on: November 2017 The purpose of the Internet of Things Security Guideline is to provide comprehensive, top-level guidance to: promote a ‘security by design’ approach to IoT; assist industry to understand the practical application of security and privacy for IoT device use; be utilised by the IoT industry and digital service providers which use or provide support services for IoT deployments; and assist industry to understand some of the...
GSMA IoT Security Guidelines
Organization: GSMA Reference: IoT Security Guidelines Published on: Latest Update on 31 October 2017 V2.0. Published on 9 February 2016 IoT Security Guidelines is a comprehensive set of best practices promoting the secure end-to-end design, development and deployment of IoT solutions. Aimed for mobile service providers who are looking to develop new IoT products and services. Target audience: IoT Service Providers, IoT Device Manufacturers, IoT Developers, Mobile Network Operators. GSMA provides a set of documents which includes: IoT Security Guidelines for...
NIST-SP800-53-Security-and-Privacy-Controls-for-Information-Systems-and-Organizations
Organization: National Institute of Standards and Technology (NIST) Reference: SP800-53 Security and Privacy Controls for Information Systems and Organizations - Revision 5 (Draft) Published on: August 2017 NIST Special Publication 800-53 Security and Privacy Controls for Information Systems and Organizations is a comprehensive catalog of security controls developed for use with all U.S. federal information systems. Because of it's comprehensiveness, it became one of the key references for information systems security in other governments around the globe as well as businesses.
CPNI-Principles-of-cyber-security-for-connected-and-automated-vehicles
Organization: UK Department for Transport, Centre for the Protection of National Infrastructure, and Centre for Connected and Autonomous Reference: Principles of cyber security for connected and automated vehicles Published on: 6 August 2017 As vehicles continue to become smarter, it’s crucial that we take the correct steps to make them cyber secure. The 8 principles in this guidance set out how the automotive sector can make sure cyber security is properly considered at every level, from designers and engineers,...
NYC-Guidelines-for-the-Internet-of-Things
Organization: New York City Reference: Guidelines for the Internet of Things Published on: 14 July 2017 These guidelines provide a framework to help government and our partners responsibly deploy connected devices and IoT technologies in a coordinated and consistent manner. More than 35 leading cities, spanning 11 countries, have now joined New York City in this effort.
Microsoft-Internet-of-Things-security-best-practices
Organization: Microsoft Reference: Internet of Things security best practices Published on: 3 July 2017 To secure an Internet of Things (IoT) infrastructure requires a rigorous security-in-depth strategy. This strategy requires you to secure data in the cloud, protect data integrity while in transit over the public internet, and securely provision devices. Each layer builds greater security assurance in the overall infrastructure.
IETF-Best-Current-Practices-for-Securing-Internet-of-Things-IoT-Devices
Organization: The Internet Engineering Task Force (IETF) Reference: Best Current Practices for Securing Internet of Things (IoT) Devices (Draft) Published on: 3 July 2017 In recent years, embedded computing devices have increasingly been provided with Internet interfaces, and the typically-weak network security of such devices has become a challenge for the Internet infrastructure. This document lists a number of minimum requirements that vendors of Internet of Things (IoT) devices need to take into account during development and when producing firmware updates, in order...
IoTAA - Internet of Things Security Guidelines
Organization: IoT Alliance Australia (IoTAA) Reference: Internet of Things Security Guideline V1.0 Published on: 23 February 2017 The purpose of the Internet of Things Security Guideline is to provide comprehensive, top-level guidance to: promote a ‘security by design’ approach to IoT; assist industry to understand the practical application of security and privacy for IoT device use; be utilised by the IoT industry and digital service providers which use or provide support services for IoT deployments; and assist industry to understand some of...
OWASP-IoT-Security-Guidance-Web
Organization: Open Web Application Security Project (OWASP) Reference: IoT Security Guidance Published on: 14 February 2017 Basic list of fundamentals. Consists of: Manufacturer IoT Security Guidance Developer IoT Security Guidance Consumer IoT Security Guidance
FDA-Postmarket-Management-of-Cybersecurity-in-Medical-Devices
Organization: US Food and Drug Administration (FDA) Reference: Postmarket Management of Cybersecurity in Medical Devices Published on: 28 December 2016 Final version of the guidance informing industry and the FDA staff of the Agency’s recommendations for managing postmarket cybersecurity vulnerabilities for marketed and distributed medical devices.
ENISA-–-Securing-Smart-Airports
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Securing Smart Airports Published on: 16 December 2016 In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant national authorities and agencies that are in charge of cyber-security for airports. Based on an in depth examination of existing knowledge as well as validation interviews with subject...
Secure-Technology-Alliance-–-Embedded-Hardware-Security-for-IoT-Applications
Organization: Secure Technology Alliance (Previously: Smart Card Alliance) Reference: Embedded Hardware Security for IoT Applications Published on: December 2016 This white paper describes basic security principles that are critical for IoT implementations and then reviews the application of these security principles for an example use case – managing the lifecycle of IoT devices. The white paper discusses embedded security – where hardware and/or software security mechanisms are built into the end devices used in an IoT architecture. The white paper then further focuses...
IoTSF-–-Vulnerability-Disclosure-Best-Practice-Guidelines
Organization: IoT Security Foundation (IoTSF) Reference: Vulnerability Disclosure Best Practice Guidelines Published on: 6 December 2016 The Connected Consumer Products best practice guide provides clear advice for firms that are bringing IoT class products to market. The guidelines cover the most important security elements to consider when designing a product such as application security, encryption, network connections and software updates. The guidelines take a practical approach and provide a comprehensive overview of the subject matter with additional in-depth materials supplied online.
IoTSF-–-Best-Practice-Guidelines-for-Connected-Consumer-Products
Organization: IoT Security Foundation (IoTSF) Reference: Best Practice Guidelines for Connected Consumer Products Published on: 6 December 2016 The Connected Consumer Products best practice guide provides clear advice for firms that are bringing IoT class products to market. The guidelines cover the most important security elements to consider when designing a product such as application security, encryption, network connections and software updates. The guidelines take a practical approach and provide a comprehensive overview of the subject matter with additional in-depth materials supplied online.