ISO security framework or standard for IoT
Curious if there's any ISO security framework or standard for IoT like CSA? Thanks
Assign topic to the user
I’m assuming that by CSA you mean Cloud Security Alliance.
Considering that, ISO has three specific standards related to IoT:
- ISO/IEC 21823-2:2020 Internet of things (IoT) — Interoperability for IoT systems — Part 2: Transport interoperability
- ISO/IEC TR 30164:2020 Internet of things (IoT) — Edge computing
- ISO/IEC TR 30166:2020 Internet of things (IoT) — Industrial IoT
They do not define a security framework for IoT, but security requirements that need to be considered (e.g., Security and privacy, by ISO/IEC TR 30164:2020, and Security requirements by ISO/IEC 21823-2:2020), and ISO 27001 can be used to implement the security framework to fulfill such requirements.
These articles will provide you with further explanation about ISO 27001 and how to work with security controls:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
Comment as guest or Sign in
Sep 01, 2022