vege - Fotolia
Industry association techUK has launched a set of high level principles designed to help build public confidence in the internet of things (IoT), partly in response to a number of high-profile incidents that have seen IoT devices and sensors compromised and co-opted into botnets by cyber criminals.
The programme, Trust Principles in an IoT World, is designed to serve as a simple framework for businesses and developers to create greater consumer confidence in the IoT and help it grow, said techUK.
“These principles demonstrate that our industry takes concerns about data, consent and transparency seriously. They are the start of the conversation rather than the end and they offer a solid framework for future discussion. These principles will help ensure that the IoT has a smooth transition from theory to reality,” said techUK CEO Julian David.
TechUK hopes the framework will help promote data transparency and customer empowerment to ensure everyone can retain control of their personal data; interoperability so that people can switch between devices, providers and services easily; and security-by-design to protect from cyber attacks.
This is in line with the government’s 2014 Blackett Review, which stated that public acceptability and trust in the IoT will be essential if the technology to reach its full potential.
TechUK pointed out that the IoT could have transformative impacts on health services, public safety, efficient industry, and new and innovative businesses and business models, but only if people were comfortable with the vast amounts of data it is already generating, and what is happening to it.
Towards the end of 2016, hundreds of thousands of consumer IoT devices were compromised and used in a number of distributed denial of service (DDoS) attacks as part of the Mirai botnet. Some of these attacks rendered web services, including Netflix, Spotify and Twitter, unusable for many people.
Stephen Pattison, vice-president of public affairs at ARM and techUK IoT council chair, said: “Trust is the oxygen which will breathe life into the internet of things. Industry needs to show data is safe and that it is properly treated. Otherwise we endanger the potential of the IoT. TechUK is right to focus on this.”
Read more about IoT security
- Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices.
- The window of opportunity for addressing security risks in internet of things devices is closing rapidly, according to Intel’s IoT security manager.
- In the wake of the October 2016 Dyn attacks, IT organisations must consider IoT security, and truly integrate security into their CMDB and CM planning.
Matt Hancock, minister of state for digital and culture, added: “The IoT is transforming our lives through innovative products and services with the potential to deliver major benefits for citizens.
“Successful technology depends on secure technology. We are determined to make sure the UK is an international leader in this technology, and that means ensuring the internet of things is cyber secure.
“The principles published today will help provide greater security so that consumers and businesses can benefit from the opportunities the IoT has to offer,” he said.