Industry-Led Security Approach Key to IoT’s Commercial Future

March 1, 2018

Ian Smith, IoT Security Director, GSMA
With broadening connectivity comes, unfortunately, greater potential for breaches of security.  As the IoT expands, bringing an ever-increasing array of previously standalone objects online, there are correspondingly more points of entry for hackers to target. The GSMA and its members take nothing more seriously than security; it is the prerequisite to everything else we do. Consumer and customer confidence is essential to the IoT’s ability to scale to its full potential – without the trust of those using services and products that they are safe while they do so, the demand simply will not be there to drive forward investment.

Thankfully, a great deal of work is going into achieving that trust, among some of the most effective security professionals on the planet. The mobile industry has an excellent record of providing secure, reliable services, earning operators the status they now enjoy as the established and trusted providers of secure IoT services.

Building on this work – and taking it forward to meet new challenges as the IoT scales – the GSMA has developed IoT Security Guidelines, a comprehensive set of best practice recommendations which provide a proven approach to end-to-end security.  Solutions can be checked for compliance with the Guidelines by way of the IoT Security Assessment, a straightforward and flexible framework which takes into account the immense diversity of the IoT market.

This was welcomed at our seminar yesterday on IoT Security – Creating a Connected and Secure Future, a special session bringing together some of the world’s leading authorities in cybersecurity. Delegates gathered to hear discussions among those at the forefront of securing the IoT, and consider the best approach to ensuring this in future.

“Transparency on security credibility is key – it’s all very well and good saying you’re secure, but you need to prove it,” warned Francisco Jose Ramirez Vicente, IoT Security Researcher at ElevenPaths.  “Furthermore, IoT is very diverse. Any assessment-based process has to fit with the diversity of the IoT, and the business models that IoT devices have to be accommodated.” The GSMA agrees entirely with this, and it has informed design of the guidelines and assessment at all stages, so that IoT companies of all shapes and sizes can be sure they are properly shielding their solutions from cyberattack, and safeguarding customer data.

To make this as effective as possible, cross-industry collaboration is essential. “IoT security has to follow a standardised approach – it should share some basic features across many different sectors,” explained Dr. Apostolos Malatras, Network and Information Security Expert at ENISA.  “We don’t work on our own, we work with different sectors and companies – ultimately, we’re here to help you help us to help you. Together we can boost the basic level of cyber hygiene from where it stands at present, and indeed we must.”

Top of the agenda were hopes of building a consensus on industry-led approaches to best practice. There was agreement throughout the room that – however well-intentioned – it is unlikely civic authorities will be able to develop such frameworks as effectively as those whose working lives are spent absorbed in IoT security. “When we say certification, what we really mean is conformance,” explained Katerina Megas, NIST’s Program Manager for IoT Cybersecurity. “Requirements should be built in the standards – and we take a broad view of what a standard is – but ultimately we believe this should be industry-lead, through a consensus method.” For this to work optimally, and avoid governments feeling they need to play a greater role, it is essential that events such as yesterday’s take place. “The first challenge is around business drivers – there’s not a single place where we can get all stakeholders together,” observed Ms Megas.

While there is much work to be done, the industry is well-placed to win the trust of consumers in the years ahead.  Carlos Carazo, Global CTO for IoT at Telefónica, pointed out that many of the industry’s core assets, like LTE networks and SIM cards, are highly secure by design. There is however no room for complacency, as was unanimously recognised by attendees. The live hack performed in the session focussed minds very well – if the industry is to reassure consumers of the safety of sensitive use cases like driverless cars, it will need to work at the top of its game over the next year. We at the GSMA are confident it will do precisely that.

Back

On-Demand Webinar: How does Mobile IoT fit into the 5G Future? This webinar to explores how Mobile IoT can enhance a 5G future, while still providing capability for today’s key IoT applications such as smart metering, smart logistics and e...

Read more | See all Resources

IoT Connection Efficiency Guidelines In IoT scenarios IoT Device firmware and software play a significant part in determining the overall performance and behaviour of the IoT Service on the mobile network. With no h...

Read more | See all Resources

Connected China at MWC Shanghai 2018 连接中国 世界移动大会-上 Connected China – Leading the World in Mobile IoT   (请单击此处查看中文版本)   27-28 June: 09:00 – 17:00 | 29 June: 09:00 – 16:00 4YFN in Hall ...

Read more | See all Resources

Mobile IoT in the 5G Future – NB-IoT and LTE-M in the Context of 5G In the near future with 5G, mobile operators will continue to provide secure connectivity and high value services, enabling a complete range of IoT solutions for consumers and bu...

Read more | See all Resources

NB-IoT Deployment Guide – Release 2 Narrowband-IoT (NB-IoT) is a new cellular radio access technology specified by 3GPP in Release 13 to address the fast-expanding market for low power wide area connectivity. To ac...

Read more | See all Resources

LTE-M Deployment Guide – Release 2 Long Term Evolution for Machines (LTE-M), also known as licensed low power wide area (LPWA), is a new cellular radio access technology specified by 3GPP in Release 13 to address ...

Read more | See all Resources

Industrial IoT’s rapid growth in China culminates in industry summit China is now the most connected country in the world, home to more connections than anywhere else, and projected to dwarf even those of the United States by 2020. China has been ...

Read more | See all Industry News

Mobile IoT and 5G: Complementary Technologies Central to the IoT Mobile IoT will play an integral role in the 5G era – indeed, the technologies already have a complementary relationship today. Mobile IoT refers to low power wide area (LPWA) ...

Read more | See all Industry News

Mobile IoT Meets Industry 4.0 Showcase at Hannover Messe highlights how mobile connectivity will help drive the next industrial revolution Mobile IoT is set to play a central role in delivering Industry 4.0 ...

Read more | See all Industry News

Mobile IoT in the 5G Future – NB-IoT and LTE-M in the Context of 5G In the near future with 5G, mobile operators will continue to provide secure connectivity and high value services, enabling a complete range of IoT solutions for consumers and bu...

Read more | See all Industry News

NB-IoT Deployment Guide – Release 2 Narrowband-IoT (NB-IoT) is a new cellular radio access technology specified by 3GPP in Release 13 to address the fast-expanding market for low power wide area connectivity. To ac...

Read more | See all Industry News

LTE-M Deployment Guide – Release 2 Long Term Evolution for Machines (LTE-M), also known as licensed low power wide area (LPWA), is a new cellular radio access technology specified by 3GPP in Release 13 to address ...

Read more | See all Industry News

IoT at Mobile World Congress Shanghai 2018 June 27, 2018 With its growing consumer wealth, increasing number services and network connections, China has become a global leader in the Internet of Things (IoT). As the country u...

Read more | See all Connected Living Events

IoT Summit at Mobile World Congress Shanghai 2018 | 世界 June 28, 2018 The IoT was just a concept few years ago, but now it is reality. In 2018 massive IoT adoption will be deployed globally, and we expect to see more to come. With the rap...

Read more | See all Connected Living Events

Contact GSMA Legal Email Preference Centre Copyright © 2018 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.