Re: References for "best practices" in IoT security needed

Hi,
A list here (which I need to update): http://blog.mobilephonesecurity.org/2016/11/iot-security-resources.html
IoT Security Foundation Best Practices - 1.1 being launched shortly: https://iotsecurityfoundation.org/best-practice-guidelines/
Also checkout the GSMA IoT security guidelines: https://www.gsma.com/iot/future-iot-networks/iot-security-guidelines/
Cheers,

David.


Sent from my mobile
-------- Original message --------From: "Mccool, Michael" <michael.mccool@intel.com> Date: 17/08/2017  04:03  (GMT+01:00) To: public-wot-ig@w3.org Subject: References for "best practices" in IoT security needed 
I've been looking for references on "best practices" in IoT security.  Ideally these would be standards we could cite or practices adopted or required by major organizations (eg large companies or governments).

While the following is not a standard (unfortunately), and I haven't yet read through the whole thing, the following book is proving to be pretty useful.  In particular, it highlights the interaction of safety and security in IoT, something which is not necessarily a factor in other cybersecurity contexts:

Practical Internet of Things Security https://g.co/kgs/MSw7Yz

At the same time, we DO still need better "anchor" citations from standards bodies or similar organizations we can use for best practice security recommendations *in IoT*.  If anyone on this list has suggestions, please give them.

We do have an existing set of references under the main github site.

Michael McCool

Received on Thursday, 17 August 2017 06:40:30 UTC