Hi all, in case you don't know about the IASME consortium. They lead the work on the Cyber Essentials certification in the UK but also the IoT Security Assured Scheme.
This may be useful if you are doing business in the UK and/or EU, especially business with UK Government and the NHS.
IASME has developed the IoT Security Assured scheme to provide an essential opportunity for manufacturers to improve the security of their internet-connected devices and to show they are compliant with best-practice security. The scheme has been designed specifically to be accessible to smaller organisations, micro-businesses and start-ups alongside more established manufacturers.
The scheme is also a vital tool in enabling organisations to verify the security of connected devices in their own supply chain.
The IoT Security Assured scheme is aligned with the ETSI technical standard for IoT security, EN 303 645, and with the proposed UK IoT security legislation and guidance. It is also mapped to the IoTSF Security Compliance Framework.
Cyber Essentials or ISO27001 certification is now pretty essential for anyone wanting to do business with UK Government or the NHS.
Of course, you should also be aware of the New cyber laws to protect people’s personal tech from hackers - GOV.UK (www.gov.uk), the Product Security and Telecommunications Infrastructure Bill (PSTI).