The EU Agency for Network and Information Security teamed up with several European semiconductor manufacturers on a proposal to standardize internet of things cybersecurity, CSO reports. The manufacturers — including Infineon, NXP and STMicroelectronics — and the ENISA plan to introduce baseline cybersecurity standards for IoT products, with the companies believing the European Commission should evaluate any scheme for IoT security certification. The organizations said the European Commission should encourage the creation of “mandatory staged requirements” for IoT security and privacy through legislation. “There is a lack of awareness when it comes to security and privacy in IoT. Industry, especially SME, needs to be provided with information about existing security features, such as encryption, appropriate key storage, strong authentication, privacy and identity management systems,” the companies said.
European semiconductor makers have agreed on a proposal to standardize Internet of Things (IoT) cybersecurity. Infineon, Qualcomm-owned NXP, STMicroelectronics, and ENISA have released a joint proposal to introduce baseline cybersecurity for connected things. The semiconductor makers agreed that a European scheme for IoT security certification and labelling should be evaluated by the European Commission (EC). The EC should also encourage the development of “mandatory staged requirements” for IoT security and privacy through new European legislation, the organizations said in a position paper aimed at policy makers as Europe prepares to introduce new IoT cybersecurity laws. The paper outlines support for the proposed “Trusted IoT” cybersecurity labelling system, akin to Europe’s CE labeling for products sold in the EU. It also supports the introduction of minimum security requirements and standardized security processes & services.