By IndraStra Global News Team
On November 19, 2019, the European Union Agency for Cybersecurity (ENISA) published new guidelines on ensuring 'security by design' for the Internet of Things (IoT) applications. The ‘Good Practices for Security of IoT’ report focuses on software development guidelines, including specifics on how to securely collect requirements, design, develop, maintain and even dispose of IoT systems and services.
According to the executive summary of the report, "This ENISA study introduces good practices for IoT security, with a particular focus on software
development guidelines for secure IoT products and services throughout their lifetime. Establishing secure development guidelines across the IoT ecosystem is a fundamental
building block for IoT security. By providing good practices on how to secure the IoT software
development process, this study tackles one aspect for achieving security by design, a key recommendation that was highlighted in the ENISA Baseline Security Recommendations study
which focused on the security of the IoT ecosystem from a horizontal point of view."
ENISA said the guidelines are applicable for the entire IoT ecosystem (devices, communications/networks, cloud, etc.) and are complementary to its previous work on Baseline IoT Security Recommendations. The target audience of the study is IoT software developers and users, including platforms, SDKs and APIs, and IoT integrators.
About ENISA
The European Union Agency for Cybersecurity (ENISA) has been working to make Europe cyber-secure since 2004. The Agency works closely together with the Members States and other stakeholders to deliver advice and solutions as well as improving their cybersecurity capabilities. It also supports the development of a cooperative response to large-scale cross-border cybersecurity incidents or crises and since 2019, it has been drawing up cybersecurity certification schemes.