Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Physical Security

10/21/2020
01:00 PM
50%
50%

IASME Consortium to Kick-start New IoT Assessment Scheme

The IASME Consortium has been awarded a DCMS grant, enabling the UK organization to kick-start an Internet of Things (IoT) assessment scheme. IASME is looking for manufacturers interested in getting their IoT device certified cyber secure for free via the new pilot scheme.

The IASME Consortium has announced that it is launching an Internet of Things (IoT) security assessment scheme with an initial pilot project which will certify devices from 10 manufacturers free of charge. The scheme pilot is being partially funded by a grant from the United Kingdom's Department for Digital, Culture, Media and Sport (DCMS), which IASME and two other organisations were successful in winning.

Digital Infrastructure Minister, Matt Warman, said: "We want people to have confidence in the smart devices they are buying and for retailers to be sure they are stocking secure products. This funding will help make sure robust security standards for internet-connected products are built in from the start while also providing a boost for our burgeoning digital economy."

IASME is well known for helping companies to improve their cyber security through certification and guidance alongside a network of 250 Certification Bodies across the UK. The Consortium says it will use this experience to develop an accessible and affordable IoT certification scheme in advance of new IoT security legislation being rolled out in the UK.

The pilot will be open to any IoT devices that are sold to UK consumers and IASME is looking for 10 manufacturers to take part in the pilot, which is the first of its kind in the UK.

When asked about launching the pilot for the certification, Dr. Emma Philpott MBE, CEO of IASME, said: "Following discussions with the IoT Security Foundation about the need for a low-cost certification scheme for IoT devices, we are excited to be able to be able to start this pilot project with help of UK government funding. We are looking forward to being able to deliver our scheme across the UK and to ensuring that it is just as practical, affordable and accessible as the Cyber Essentials scheme.

"IASME is determined to help manufacturers to demonstrate that their IoT devices have the most important security controls in place for not only their peace of mind, but also for the reassurance of their customers."

You can read IFSEC Global's recent interview with Emma Philpott MBE, here.

If you are a manufacturer interested in being involved in this pilot for free, contact [email protected] for further information.

This story first appeared on IFSEC Global, part of the Informa Network, and a leading provider of news, features, videos and white papers for the security and fire industry. IFSEC Global covers developments in long-established physical technologies — like video surveillance, access control, intruder/fire alarms and guarding — and emerging innovations in cybersecurity, drones, smart buildings, home automation, the Internet of Things and more.

IFSEC Global, part of the Informa Network, is a leading provider of news, features, videos and white papers for the security and fire industry. IFSEC Global covers developments in long-established physical technologies – like video surveillance, access control, ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Visit the Web's Most Authoritative Resource on Physical Security

To get the latest news and analysis on threats, vulnerabilities, and best practices for enterprise physical security, please visit IFSEC Global. IFSEC Global offers expert insight on critical issues and challenges in physical security, and hosts one of the world's most widely-attended conferences for physical security professionals.

Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29458
PUBLISHED: 2020-12-02
Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.
CVE-2020-29456
PUBLISHED: 2020-12-02
Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in ...
CVE-2020-5423
PUBLISHED: 2020-12-02
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
CVE-2020-29454
PUBLISHED: 2020-12-02
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
CVE-2020-7199
PUBLISHED: 2020-12-02
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access,...