[resources, glossary, iot-security]

    cyber security

    IOT Security

    What is IoT Security?

    IoT security addresses any potential cybersecurity vulnerabilities, patches required, and ongoing support for devices that are connected to the internet. IoT stands for Internet of Things, which refers to devices and technology elements that are connected to the internet. 

    Whether it’s referring to smart home thermostats or medical devices, IoT is usually hooked up to wi-fi. IoT provides real-time interaction with a physical thing in the environment and reporting or recording data on the internet. An everyday example of IoT might be a thermostat or doorbell device that can be controlled remotely via an app or AI assistant. IoT devices are also used to automate warehouses, manufacturing, and office buildings.

    What are IoT Cybersecurity Concerns?

    IoT connected devices extend the cybersecurity exposure companies have and are difficult to inventory. According to the IoT Security Foundation’s IoT Security Assurance Framework, the developers of IoT devices should consider cybersecurity while they are creating the devices.  Devices should allow for data encryption, user access control, firmware and software patches, and easy integration with IT asset inventories. The NIST recommendations for IoT Security also include documentation and non-technical security supports like an incident response plan impacting IoT.

    Beyond IoT device security concerns, one of the other areas of cybersecurity that’s important to consider is the network that the devices are connected to. By ensuring network security, enterprises can reduce the exposure that IoT creates.

    The other area of related security is API security. Web APIs, like other forms of data, need to have security elements including access control and data encryption, as well as cyber attack detection capabilities and vulnerability scanning.