Organization: Department of Homeland Security (DHS)
Published on: 15 November 2016
US Department of Homeland Security (DHS) issued a set of “Strategic Principles for Securing the Internet of Things (IoT), Version 1.0.” These principles highlight approaches and suggested practices to fortify the security of the IoT and will equip stakeholders to make responsible and risk-based security decisions as they design, manufacture, and use internet-connected devices and systems. The purpose of these principles is to provide stakeholders with tools to comprehensively account for security as they develop, manufacture, implement, or use network-connected devices. It is a first step to motivate and frame conversations about positive measures for IoT security among IoT developers, manufacturers, service providers, and the users who purchase and deploy the devices, services and systems. The principles focus on the following key areas: incorporating security at the design phase; advancing security updates and vulnerability management; building on proven security practices; prioritizing security based on potential impacts; promoting transparency across the IoT ecosystem; and connecting carefully and deliberately.