DHS Releases Strategic Principals For IoT
The Department of Homeland Security has released its guidelines for the Internet of Things. The release follows the National Institute of Standards and Technology, which put out its own engineering standards on Tuesday.
DHS says it has created the guidelines as a way of providing recommendations on securing IoT infrastructure.
The principles focus on the following key areas: incorporating security at the design phase; advancing security updates and vulnerability management; building on proven security practices; prioritizing security based on potential impacts; promoting transparency across the IoT ecosystem; and connecting carefully.
The majority of the recommendations included in the framework build on existing best practices within network security. DHS says the recent large scale attacks that relied on networks of connected devices pushed the agency to create and release these recommendations. Some have suggested that it is unlikely any formal security regulations come as a result of recent attacks but it is clear that at the agency level, officials are actively thinking about how to increase awareness of strong security practices.
“The growing dependency on network-connected technologies is outpacing the means to secure them,” said Secretary of Homeland Security Jeh Johnson in a statement. “We increasingly rely on functional networks to advance life-sustaining activities, from self-driving cars to the control systems that deliver water and power to our homes. Securing the Internet of Things has become a matter of homeland security. The guidance we issued today is an important step in equipping companies with useful information so they can make informed security decisions.”