Internet of Things Security Council
The Internet Society defines Internet of Things (IoT) to mean “the extension of network connectivity and computing capability to objects, devices, sensors and items not ordinarily considered to be computers. These ‘smart objects’ require minimal human intervention to generate, exchange and consume data; they often feature data collection, analysis and management capabilities.”
Analysts are forecasting over 26 billion IoT connections by 2020 for a wide variety of applications in many industries, including industrial, energy, automotive, smart city, healthcare, freight/logistics, and home automation. The pervasiveness of connected devices and the impact that they will have on society demands proactive discussion of potential security vulnerabilities and architectures/technologies that have been designed to mitigate the vulnerabilities. Security vulnerabilities have already been found in initial IoT implementations; it is critical for the growth of the market that security and privacy be designed into the IoT ecosystem.
The Secure Technology Alliance IoT Security Council was formed to develop and promote best practices and provide educational resources on implementing secure IoT architectures using “embedded security and privacy.” The Council will focus on IoT markets where security, safety and privacy are key requirements and will leverage the industry expertise and knowledge gained from implementing embedded security technology for payment, identity, healthcare, transport and telecommunications systems to provide practical guidance for secure IoT implementations. The Council will provide a unified voice for the industry to the broader IoT ecosystem.
The Iot Security Council will work on projects to:
- Accelerate market adoption of secure IoT architectures that incorporate embedded security and privacy
- Provide a forum for intra-industry and cross-industry collaboration on secure IoT architectures
- Provide a business-focused organization to discuss best practices and implementation of IoT architectures using embedded security and privacy
- Provide a single organization where all industry stakeholders can network, share implementation experiences, and discuss applications and security approaches
- Identify and collaborate with other industry organizations to define and promote standards for secure IoT architectures using technologies that provide embedded security and privacy
Download description of Council mission, activities and membership.
Council Resources and Publications
The Identity Council is managed by a steering committee made up of participants from across the industry. The current Identity Council Steering Committee is:
- Sandy Carielli, Entrust Datacard
- Andrew Jamieson, UL
- John Neal, NXP Semiconductors
- Sri Ramachandra, G+D Mobile Security
- Christopher Williams, Exponent
The IoT Security Council is one of several Secure Technology Alliance Technology and Industry Councils. Council participation is open to any Secure Technology Alliance member who wishes to contribute to the Council projects.
Secure Technology Alliance members who participate in the IoT Security Council include:
- American Express
- Burden Consulting Ltd
- CardTek USA
- CPI Card Group
- Datawatch Systems, Inc.
- Defense Manpower Data Center
- Discover Financial Services
- Entrust Datacard
- Exponent, Inc.
- First Data
- G+D Mobile Security
- HID Global
- Identification Technology Partners Inc.
- Infineon Technologies
- Interac Association/Acxsys Corporation
- IQ Devices
- Jacobs CH2M
- Metropolitan Transportation Authority
- NextgenID, Inc.
- NXP Semiconductors
- Quantum Secure Inc.
- SAIC – Science Applications International Corporation
- San Francisco Bay Area Rapid Transit District (BART)
- Scheidt & Bachmann
- SigNet Technologies, Inc.
- Southeastern Pennsylvania Transportation Authority (SEPTA)
- Tyco Software House
- Underwriters Laboratories (UL)
- U.S. Department of Transportation/Volpe Center
- Valid USA
- Visa Inc.
- Wells Fargo
- XTec, Incorporated