The Internet of Things (IoT) has given rise to a whole new generation of connected products. On average, a person will be operating 6 to 7 connected devices by 2020, resulting in 50 billion devices globally*. The increase in connected solutions also attracts attackers looking to steal personal data or take control over devices for various purposes, including DDoS attacks. As more and more hacks of consumer products make the news headlines, consumers become more aware of potential security risks of their devices.
But how can consumers determine whether the devices they want to buy are adequately secured? How can they make sure those devices don’t bring attackers into their smart homes? Today, there are limited ways for manufacturers to leverage security as a product differentiator.
The IoT Security Rating, which is based on UL’s IoT Security Top 20 Design Principles, aims to serve two purposes:
- Help manufacturers and developers improve the security posture of their solutions by leveraging proven security best practices
- Rate the security posture of IoT solutions in order to make security more transparent and accessible to consumers.
By going through an efficient yet comprehensive evaluation process, manufacturers and their products are rewarded a security rating label which can be used for both online and in-store marketing. UL’s IoT Security Rating framework aligns with prominent industry standards, including ETSI TS 103 645 that builds on the UK Code of Practice for Consumer IoT Security, and can serve as a means to demonstrate conformance to those standards.
- Make product security more transparent and accessible for consumers
- Help consumers make purchasing decisions
Demonstrate security due diligence
- Ensure minimum security capabilities are met, as articulated by ETSI TS 103 645 and other industry standards
- Leverage the IoT Security Rating to define a product security roadmap
- Leverage the IoT Security Rating to achieve product differentiation
Keep up with market trends
- Stay ahead of regulatory developments and potential security liability