Kaspersky Lab ICS Experts Join Forces with ENISA to Improve IoT Security Recommendations
Kaspersky Lab experts are working with the European Union Agency for Network and Information Security (ENISA) and other first-rate panelists from some of the leading market players, to prepare expert advice for the protection of critical infrastructure.
Woburn, MA – December 15, 2017 – To respond to today's growing prevalence of IoT threats and consolidate industry cybersecurity expertise, Kaspersky Lab experts are working with the European Union Agency for Network and Information Security (ENISA) and other first-rate panelists from some of the leading market players, to prepare expert advice for the protection of critical infrastructure.
In November 2017, ENISA published a report "Baseline Security Recommendations for the Internet of Things in the context of critical information infrastructures," with the goal of offering IoT security advice for organizations in Europe by taking into consideration factors such as the complexity of critical assets, and existing cyberthreats and solutions for the protection of systems such as IoT.
Kaspersky Lab, as a member of the ENISA IoT Security Experts Group (IoTSEC), was involved in the creation of the report by providing expert recommendations. Within the report, the agency has issued policy measures for EU institutions, IoT hardware manufactures and software developers.
"Kaspersky Lab has vast expertise in the field of critical infrastructure security," said Andrey Doukhvalov, head of future technologies, chief strategy architect, Kaspersky Lab. "We believe that our contribution to ENISA's IoT security recommendations will help organizations develop more efficient cybersecurity strategies and help policymakers establish highly relevant regulations to face modern cyberthreats."
Kaspersky Lab IoTSEC experts shared their recommendations on two fronts – for EU policymakers and IoT hardware and software developers. In terms of the key security considerations for EU policymakers, Kaspersky Lab experts recommend the following:
- Focus on sector-specific recommendations, guidelines and certification requirements rather than on holistic approaches.
- Standardize across the EU and deliver EU-wide IoT terminology and taxonomy for international cybersecurity standards.
- Cooperate actively with the industry and involve the private sector in policymaking by using existing industrial associations and groups such as AIOTI.
- Establish a layered defense system against cybersecurity threats as this is very important for IoT devices.
For those who work directly with IoT systems, Kaspersky Lab experts advise that the following steps be taken to improve security:
- Ensure that all employees have up to date knowledge and skills in cybersecurity and that they are constantly tested.
- Ensure data interoperability with a reliable and automatic patching system. IoT hardware manufacturers and software developers need to adopt cyber supply chain risk management policies and communicate cybersecurity requirements to their suppliers and partners.
- Conduct a code review during the implementation process to reduce the number of bugs in the final version of a product, while also identifying any malware input or authentication bypass attempts.
The full list of advice for the protection of IoT critical infrastructures can be found in the ENISA report here. To learn more about Kaspersky Lab's Industrial Cybersecurity expertise, please visit: https://ics.kaspersky.com/.
About ENISA
The European Union Agency for Network and Information Security (ENISA) is a center of expertise for cybersecurity in Europe. The Agency is located in Greece with its seat in Heraklion Crete and an operational office in Athens. The Agency works closely together with Members States and private sector to deliver advice and solutions. This includes, the pan-European Cyber Security Exercises, the development of National Cyber Security Strategies, CSIRTs cooperation and capacity building, but also studies on secure Cloud adoption, addressing data protection issues, privacy enhancing technologies and privacy on emerging technologies, eIDs and trust services, and identifying the cyberthreat landscape, and others. ENISA also supports the development and implementation of the European Union's policy and law on matters relating to NIS.
Learn more at https://www.enisa.europa.eu/about-enisa.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Media Contact:
Denise Berard
508.274.0704
Denise.Berard@kaspersky.com
Kaspersky Lab ICS Experts Join Forces with ENISA to Improve IoT Security Recommendations
Kaspersky
Related Articles Press Releases
Kaspersky report shows just how common scams are becoming on popular online services
Consumer security survey captures user experiences and attitudes related to online scams and privacy trendsRead More >