RISCAuthority produces Internet of Things IoT ‘Need to Know Guide’ which provides an overview of risk control measures and available equipment/system accreditations.
Published by the Fire Protection Association (FPA) with input from Secured by Design (SBD), BSI (British Standards Institution) and the British Security Industry Association (BSIA), the S35 Internet of Things – Connected Security Devices and Systems document is a concise high-level guide, providing an overview of risk control measures and available equipment/system accreditations.
The guide’s aim is to inform insurance risk consultants, underwriters, other insurance professionals and security equipment users of the main hazards, controls, guidelines and accreditations that make up the landscape for internet-connected security devices.
Adrian Butler, RISCAuthority Principal Consultant at the FPA commented: “The Internet of Things (IoT) is bringing many opportunities to positively impact our lives and businesses. But this brings risks associated with connected devices, particularly those around security, privacy, and safety, that can make it difficult for manufacturers and suppliers to build trust in new products and services.
“To overcome this, suppliers of IoT connected devices and systems must be able to demonstrate security, safety, functionality, interoperability (will it work with other devices), and durability. Security systems with connections to internal and external networks have increased exposure to malicious attack, so to ensure effective security from interference, these systems need to meet suitable certifications and be appropriately designed, installed, commissioned, and maintained.
“S35 Internet of Things – Connected Security Devices and Systems has been developed by the RISCAuthority – with thanks to Secured by Design (UK Police Service), BSI, and BSIA for their support in developing this guide – to inform security equipment users and insurance professionals, of the main hazards, controls, guidelines, and accreditations that make up the landscape for internet-connected security devices.”
Alfie Hosker, SBD Technical Manager, said: “We were approached by the RISCAuthority back in 2021 during the IFSEC Exhibition in London and I am grateful to them, and the other stakeholders involved, for the opportunity to assist in the production of these guidelines.
“The Internet of Things brings many opportunities, however it also carries with it many risks, particularly those around security, privacy, and safety, that can make it difficult for manufacturers and suppliers to build trust in products and services.
“The S35 Internet of Things – Connected Security Devices & Systems document will be useful for insurance risk consultants, underwriters, other insurance professionals and security equipment users as it informs of the main hazards, controls, guidelines, and accreditations that make up the landscape for internet-connected security devices.”
Michelle Kradolfer, SBD’s IoT Technical Officer, said: “Without the appropriate levels of security, any internet connected device is at risk of providing cyber criminals a key to enable them to access and steal personal data. It is therefore vitally important for companies to ensure their IoT products are built as securely as possible, as well as protect their customers and reduce the risk of them falling victim to cyber crime.
“The RISCAuthority have developed an essential guide for insurance professionals and security equipment users to raise awareness on the risks, controls and advice on using internet connected devices, and I am delighted we were able to assist and highlight our Secure Connected Device (SCD) accreditation scheme within the guide.
“SCD encourages companies to focus on the cyber security side of their smart products and it sends a clear message to the wider industry on the importance of IoT security, as well as the need to work together across the board to help keep UK consumers safe from a cyber breach.”
The RISCAuthority S35 Internet of Things – Connected Security Devices & Systems document is available to download on the FPA website here.
