“During the Q&A, Harper also pointed out that the European Union Agency for Cybersecurity (ENISA) has adopted a cybersecurity certification framework where certain Internet of Things (IoT) devices must be validated from a privacy and security perspective, and said the US is working on a similar initiative.”
Insecure IoT devices continue to be major contributors to Internet (in)security, particularly with regards to increasing attack vectors for enterprises, distributed denial of service (DDoS), critical infrastructure (CI) resilience, and personal data protection, among other risk areas.
ENISA is doing some great work with their Guidelines for Securing the IoT Supply Chain, Cybersecurity Certification Framework, Risk Assessment Tool for IoT, and the Good Practice for Connected Cars.
Still, there’s a lot more to be done through increased stakeholder collaboration. I definitely have time for these types of initiatives!