Internet of Things Cybersecurity

CONSUMER IOT CYBERSECURITY TESTING AND CERTIFICATION

In the age of the Internet of Things (IoT) every connected consumer device, from homecare monitors to kids’ toys, is a potential threat to data security and privacy. The technologies such as Wi-Fi capabilities and sensors are a main component in IoT product which allows them to collect data and have the ability to "talk" to other connected devices. However, the same technologies also open up the IoT product for cyber attacks. Common attack vectors include weak passwords, vulnerabilities in sub-components or integrated libraries, lack of encryption, Internet exposure, and hidden “backdoors” that are designed in by device manufacturers. 

Testing of the individual components against requirements determined by the risk assessment is the foundation of a secure product. Security cannot be installed as a software add-on after product development. Every level of the stack must be assessed for vulnerabilities, including device hardware (chipsets, sensors and actuators), wireless communication modules and protocols, device firmware (OS and embedded applications), cloud platforms and applications. 

Our Services 

Our IoT cybersecurity services include: 

• Cybersecurity evaluation of IoT product to ETSI EN 303 645
• Cybersecurity evaluation of IoT product to NIST 8259
• ISO IEC 15408 Common Criteria 
• Threat Modeling and Risk Assessment
• Vulnerabilities Disclosure Policy workshop
• Vulnerabilities Assessment and Penetration Testing
• Support on regulatory and voluntary requirements and labeling program 
  •  Cybersecurity Labelling Scheme from Cyber Security Agency of Singapore (CSA)
  • Cybersecurity for Residential Gateways Home Routers
• Training on cybersecurity standards (EN303 645 and NIST 8259)