WASHINGTON – As the use of network-connected devices, systems, and services grows rapidly, ITI today released new policy principles to guide governments, industry partners, and other stakeholders in securing the Internet of Things (IoT). The IoT Security Policy Principles offer guidance to help ensure the entire IoT ecosystem is secure and resilient in the face of malicious actors while also providing the benefits and conveniences that consumers demand.
Specifically, the principles recommend an approach to:
- Focus on the broader ecosystem as opposed to device security alone;
- Develop and utilize industry-driven core baseline capabilities and standards;
- Avoid regulatory fragmentation; and
- Promote global harmonization.
“There’s no question: IoT will continue to play a big role in our lives,” said John Miller, Senior Vice President of Policy and Senior Counsel for ITI. “ITI’s policy principles make sure IoT innovation continues to thrive while guarding against malicious attacks on consumer devices. These principles include both guidelines for impactful policies and practical solutions that will enable all stakeholders to fully realize the potential of connected devices in a more secure IoT ecosystem. We look forward to working with policymakers, academia, civil society, and other industry sectors to implement these principles into real and actionable policies.”
IoT is already an integral part of daily life, work, and existence. The technology is revolutionizing the way people interact with devices and helping to advance the global economy. According to a Gartner report, there will be 20.4 billion IoT devices in use worldwide by 2020 and more devices are connecting to the internet every second.
At the same time, global concerns around IoT security, including botnets, have continued to grow. Regulators around the world have responded to the threats by proposing requirements, certifications, and labeling programs for connected devices. However, piecemeal and fragmented regulatory approaches that differ significantly by jurisdiction cannot keep pace with rapid technological advancement across borders. ITI’s policy principles offer companies and governments a roadmap to address this challenge through a more universal approach.
ITI’s IoT Security Policy Principles were developed in collaboration with its member companies, which represent the full spectrum of the tech industry including hardware and networking equipment manufacturers, software developers, cybersecurity and internet companies, and other global leaders from across the sector.