June 5, 2023

Volume XIII, Number 156


June 04, 2023

Subscribe to Latest Legal News and Analysis

June 03, 2023

Subscribe to Latest Legal News and Analysis

June 02, 2023

Subscribe to Latest Legal News and Analysis

Cybersecurity in the Age of the Internet of Things

The Internet of Things (IoT) allows unprecedented interconnectivity for consumers, and unfortunately for those consumers, hackers as well.

The European Union Agency for Network and Information Security (ENISA) recently released a report to provide insight into the security requirements of IoT and good practices recommendations on preventing and mitigating cyber-attacks against IoT systems. The report even includes examples of IoT cyber security attack scenarios.

The report made 7 high-level recommendations to improve IoT security:

  • Promote harmonization of IoT security initiatives and regulations;
  • Raise awareness of the need for IoT cybersecurity;
  • Define secure software and hardware development lifecycle guidelines for IoT;
  • Achieve consensus on interoperability across the IoT ecosystem;
  • Foster economic and administrative incentives for IoT security;
  • Establish secure IoT product/service lifecycle management; and
  • Clarify legal liability among IoT stakeholders.

Some of the specific security measures and good practices identified by ENISA come as no surprise. However, there are significant gaps in security implementation and knowledge in relation to IoT security given its new emergence.  Maybe if some vendors spent a little bit of time on that last point – ie working out they might get sued – then some of the other steps might follow!

Given the close relationship between digital and physical systems, and the rapid growth of the industry, the report argues convincingly that ensuring security in IoT products and services is a fundamental priority.

You can read ENISA’s report here.

Harry Crawford contributed to this post.

Copyright 2023 K & L GatesNational Law Review, Volume VII, Number 340

About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Keely O'Dowd, K&L Gates, attorney, Melbourne

Ms. O'Dowd is an experienced lawyer with a focus on technology and sourcing projects. She advises on a broad range of technology transactions, including procurement, outsourcing and software licensing. This work includes drafting and advising on a range of IT procurement and supply agreements. Ms. O'Dowd advises a range of corporations on privacy and cybersecurity.