GSMA tackles cyber attacks & data security in new IoT guidelines

GSMA, an association of mobile operators, has issued guidelines to promote secure IoT development and deployment.

The guideline has been developed in consultation with the mobile industry and IoT service providers. The guideline includes advice for dealing with common security threats as well data privacy issues in IoT services.

GSMA chief technology officer Alex Sinclair said: "As billions of devices become connected in the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases.

"These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed. A proven and robust approach to security will create trusted, reliable services that scale as the market grows."

The security guideline has been designed for all stake holders of the IoT ecosystem including IoT service providers, IoT device manufacturers and developers.

The guideline claims to help service providers to address potential security threats while building secure services.

It will also help in addressing data security as the guidelines stress the need of risk based assessment of all components of IoT services. It aims to help securely collect, store and exchange data and address cybersecurity attacks.

GSMA has already completed consultation with academics, analysts and other industry experts to ensure that the guideline is robust enough.

Lab Mouse Security CEO founder and CEO Don A. Bailey said: "There is a significant amount of evidence to suggest that cyberattacks are already happening in the burgeoning IoT space.

"If not handled appropriately, these attacks are likely to inhibit the growth and stability of the Internet of Things."

"It is imperative that the industry adopts a standard approach for dealing with security risks and mitigations, helping to ensure that the entire IoT ecosystem will not be subject to fraud, exposures of privacy, or attacks that affect human life."

The initiative has the backing of mobile operators AT&T, China Telecom, Etisalat, KDDI, NTT DOCOMO, Orange, Telefónica, Telenor and Verizon and vendor and infrastructure partners 7Layers, Ericsson, Gemalto, Morpho, Telit and u-blox.

AT&T Product Development – IoT Solutions vice president Cameron Coursey said: "Security is paramount to something that touches and influences our lives as deeply as IoT.

"These guidelines are a vital initiative towards realizing the vision of a robust and highly secure IoT ecosystem."

Etisalat M2M VP Angel David Garcia Barrio said: "The Internet of Things presents great opportunities to create value for businesses and consumers but the interconnection of heterogeneous systems and technologies increases the chance of exposing areas of vulnerability.

"The GSMA IoT Security guidelines compiles best practice recommendations for service development which if adopted will minimise opportunities for malicious exploitation and in turn will reassure market confidence and facilitate mass adoption."