Below is my attempt to list of all published 5G, IoT and “Smart Everything”-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know at [email protected]
ENISA – Baseline Security for IoT
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Baseline Security Recommendations for IoT Published on: 20 November 2017 The study which is titled ‘Baseline Security Recommendations ...
Read More
Read More
IoTAA – IoT Security Guidelines
Organization: IoT Alliance Australia (IoTAA) Reference: Internet of Things Security Guideline V1.2 [PDF] Published on: November 2017 The purpose of the Internet of Things Security Guideline is to provide ...
Read More
Read More
GSMA – IoT Security Guidelines (V2.0)
Organization: GSMA Reference: IoT Security Guidelines Published on: Latest Update on 31 October 2017 V2.0. Published on 9 February 2016 IoT Security Guidelines is a comprehensive set of best practices ...
Read More
Read More
IETF – A Firmware Update Architecture for IoT (Draft)
Organization: The Internet Engineering Task Force (IETF) Reference: A Firmware Update Architecture for Internet of Things Devices (Draft) Published on: 30 October 2017 Vulnerabilities with IoT devices have raised ...
Read More
Read More
GSMA – IoT Security Assessment
Organization: GSMA Reference: IoT Security Assessment Published on: October 2017 The GSMA IoT Security Assessment provides a flexible framework that addresses the diversity of the IoT market, enabling companies ...
Read More
Read More
NIST SP800-53 Security and Privacy
Organization: National Institute of Standards and Technology (NIST) Reference: SP800-53 Security and Privacy Controls for Information Systems and Organizations - Revision 5 (Draft) [PDF] Published on: August 2017 NIST ...
Read More
Read More
NYC – Guidelines for the Internet of Things
Organization: New York City Reference: Guidelines for the Internet of Things Published on: 14 July 2017 These guidelines provide a framework to help government and our partners responsibly deploy ...
Read More
Read More
Microsoft – IoT security best practices
Organization: Microsoft Reference: Internet of Things security best practices Published on: 3 July 2017 To secure an Internet of Things (IoT) infrastructure requires a rigorous security-in-depth strategy. This strategy ...
Read More
Read More
Microsoft – IoT security architecture
Organization: Microsoft Reference: Internet of Things security architecture Published on: 3 July 2017 When designing a system, it is important to understand the potential threats to that system, and ...
Read More
Read More
IETF – Best Practices for Securing IoT Devices (Draft)
Organization: The Internet Engineering Task Force (IETF) Reference: Best Current Practices for Securing Internet of Things (IoT) Devices (Draft) Published on: 3 July 2017 In recent years, embedded computing ...
Read More
Read More
IoTAA – IoT Security Guidelines
Organization: IoT Alliance Australia (IoTAA) Reference: Internet of Things Security Guideline V1.0 [PDF] Published on: 23 February 2017 The purpose of the Internet of Things Security Guideline is to ...
Read More
Read More
OWASP – IoT Security Guidance
Organization: Open Web Application Security Project (OWASP) Reference: IoT Security Guidance Published on: 14 February 2017 [Latest Update] Basic list of fundamentals. Consists of:
- Manufacturer IoT Security Guidance
- Developer ...
Read More
OTA – IoT Trust Framework (V2.0)
Organization: Online Trust Alliance (OTA) Reference: OTA – IoT Trust Framework (V2.0) [PDF] Published on: Latest Update: 4 May 2017 Initially published: 5 January 2017 The IoT Trust Framework ...
Read More
Read More
FDA – Cybersecurity in Medical Devices
Organization: US Food and Drug Administration (FDA) Reference: Postmarket Management of Cybersecurity in Medical Devices [PDF] Published on: 28 December 2016 Final version of the guidance informing industry and ...
Read More
Read More
ENISA – Securing Smart Airports
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Securing Smart Airports Published on: 16 December 2016 In response to the new emerging threats faced by smart ...
Read More
Read More
Embedded Hardware Security for IoT
Organization: Secure Technology Alliance (Previously: Smart Card Alliance) Reference: Embedded Hardware Security for IoT Applications Published on: December 2016 This white paper describes basic security principles that are critical ...
Read More
Read More
Vulnerability Disclosure Best Practices
Organization: IoT Security Foundation (IoTSF) Reference: Vulnerability Disclosure Best Practice Guidelines Published on: 6 December 2016 The Connected Consumer Products best practice guide provides clear advice for firms that ...
Read More
Read More
IoTSF – Best Practice Guidelines for Connected Products
Organization: IoT Security Foundation (IoTSF) Reference: Best Practice Guidelines for Connected Consumer Products Published on: 6 December 2016 The Connected Consumer Products best practice guide provides clear advice for ...
Read More
Read More
IoT Security Compliance Framework
Organization: IoT Security Foundation (IoTSF) Reference: IoT Security Compliance Framework Published on: 6 December 2016 The framework provides a comprehensive and practical checklist to guide organisations through a security ...
Read More
Read More
IoTiap – Responsible IoT Development
Organization: IoTiap Reference:Â Principles, Practices and a Prescription for Responsible IoT and Embedded Systems Development Published on: 2 December 2016 This document addresses security challenges related to the Internet ...
Read More
Read More
ENISA – Cyber security and resilience for Smart Hospitals
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Cyber security and resilience for Smart Hospitals Published on: 24 November 2016 This study proposes key recommendations for ...
Read More
Read More
BITAG – IoT Security and Privacy Recommendations
Organization: Broadband Internet Technical Advisory Group (BITAG) Reference:Â Internet of Things (IoT) Security and Privacy Recommendations Published on: 22 November 2016 Report on the technical aspects of Internet of ...
Read More
Read More
NIST SP 800-160 Security Engineering
Organization: National Institute of Standards and Technology, U.S. Department of Commerce (NIST) Reference: Systems Security Engineering – NIST SP 800-160 [PDF] Published on: November 2016 NIST issued the final ...
Read More
Read More
DHS – Strategic Principles For Securing IoT
Organization: Department of Homeland Security (DHS) Reference: Strategic Principles For Securing The Internet Of Things Published on: 15 November 2016 US Department of Homeland Security (DHS) issued a set ...
Read More
Read More
CSA – Future Proofing Connected World
Organization: Cloud Security Alliance (CSA) Reference: Future Proofing the Connected World – 13 Steps to Developing Secure IoT Products Published on: 7 October 2016 80-page guidance on development of secure ...
Read More
Read More
Industrial Internet Security Framework (IISF)
Organization: Industrial Internet Consortium (IIC) Reference: Industrial Internet Security Framework (IISF) Published on: 26 September 2016 The Industrial Internet Security Framework (IISF) is a cross-industry-focused, comprehensive (173-pages) security framework ...
Read More
Read More
AIOTI – Architecture Functional Model
Organization: Alliance for Internet of Things Innovation (AIOTI) Reference: High Level Architecture Functional Model Release 2.1 [PDF] Published on: September 2016 AIOTI WG3 has developed a High Level Architecture ...
Read More
Read More
CD 30141 IoT Reference Architecture
Organization: International Organization for Standardization (ISO) Reference: CD 30141 Internet of Things Reference Architecture (IoT RA) (Committee Draft) [PDF] Published on: 10 September 2016 This document provides a standardized ...
Read More
Read More
oneM2M – Release 2 Specifications – Functional Architecture
Organization: oneM2M Reference: Release 2 Specifications Within Release 2 Specifications the Functional Architecture is here [PDF] Published on: 30 August 2016 Reference for M2M development ...
Read More
Read More
oneM2M – Release 2 Specifications – Security Technical Report
Organization: oneM2M Reference: Release 2 Specifications Within Release 2 Specifications the Security Technical Report is here [PDF] Published on: 30 August 2016 Standard for M2M deployment covering requirements, architecture, ...
Read More
Read More
Z-Wave – S2 Security Framework
Organization: Z-Wave Reference: S2 Security Framework Published on: August 2016 Introduction into the new Security 2 (S2) framework for smart home devices and controllers, gateways and hubs ...
Read More
Read More
Auto-ISAC – Automotive Cybersecurity
Organization: Automotive Information Sharing and Analysis Center (Auto-ISAC) Reference:Â Automotive Cybersecurity Best Practices Published on: 21 July 2016 The Best Practices cover organizational and technical aspects of vehicle cybersecurity, including ...
Read More
Read More
NIST – SP800-183 Networks of ‘Things’
Organization: National Institute of Standards and Technology (NIST) Reference: SP800-183 Network of 'Things' [PDF] Published on: July 2016 SP 800-183 offers an underlying and foundational understanding of the Internet ...
Read More
Read More
ATT – The CEO’s Guide to Securing the Internet of Things
Organization: AT&T Reference: The CEO's Guide to Securing the Internet of Things Published on: 2016 The document provides a strategic framework for securing the IoT, crafted from the work ...
Read More
Read More
OWASP – Principles of IoT Security
Organization: Open Web Application Security Project (OWASP) Reference: Principles of IoT Security Published on: 14 May 2016 16 high-level principles of IoT security ...
Read More
Read More
Platform Industrie 4.0 – Secure Identities
Organization: Platform Industrie 4.0 Reference: Technical Overview: Secure Identities [PDF] Published on: April 2016 The aim of this paper is to provide an overview of the security challenges, requirements and ...
Read More
Read More
Platform Industrie 4.0 – Industry 4.0 Security
Organization: Platform Industrie 4.0 Reference: IT Security in Industrie 4.0 Published on: April 2016 The essential prerequisite for a successful implementation of Industrie 4.0 is a secure and trustworthy treatment ...
Read More
Read More
Platform Industrie 4.0 – Reference Architectural Model
Organization: Platform Industrie 4.0 Reference: Reference Architectural Model Industrie 4.0 (RAMI4.0) Published on: April 2016 RAMI 4.0 is a three-dimensional map showing how to approach the issue of Industrie ...
Read More
Read More
The Cavalry – Hippocratic Oath for Connected Medical Devices
Organization: I Am The Cavalry Reference: Hippocratic Oath for Connected Medical Devices Published on: 19 January 2016 High-level principles for connected medical devices ...
Read More
Read More
ENISA – Cyber Security of Intelligent Public Transport
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Cyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations Published on: 25 December 2015 This ...
Read More
Read More
ENISA – Security of Smart Home
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Security and Resilience of Smart Home Environments Published on: 1 December 2015 This study aims at securing Smart ...
Read More
Read More
Identity & Access Management for the IoT
Organization: Cloud Security Alliance (CSA) Reference: Identity and Access Management for the Internet of Things Published on: 30 September 2015 To help security practitioners ensure the integrity of their ...
Read More
Read More
IoTSF – Principles for IoT Security
Organization: IoT Security Foundation (IoTSF) Reference: Establishing Principles for Internet of Things Security [PDF] Published on: 22 September 2015 High-level IoT security principles (16-pages) ...
Read More
Read More
Symantec – Security Reference Architecture for the IoT
Organization: Symantec Reference: Security Reference Architecture for the Internet of Things (IoT) Published on: 17 September 2015 This paper describes a powerful and easy-to-deploy architecture for mitigating the vast ...
Read More
Read More
IEEE SA – 2413 – Standard for an Architectural Framework for IoT
Organization: The Institute of Electrical and Electronics Engineers (IEEE) Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft) Published on: 3 September 2015 (Draft ...
Read More
Read More
CSA – Security Guidance for Early Adopters of IoT
Organization: Cloud Security Alliance (CSA) Reference: Security Guidance for Early Adopters of the Internet of Things (IoT) [PDF] Published on: 16 April 2015 Guidance for the secure implementation of ...
Read More
Read More
The Cavalry – Automotive Cyber Safety
Organization: I Am The Cavalry Reference: Five Star Automotive Cyber Safety Program Published on: 15 February 2015 High-level principles for the automotive industry cyber safety ...
Read More
Read More
FTC – Careful Connections – Building Security in IoT
Organization: Federal Trade Commission (FTC) Reference: Careful Connections – Building Security in the Internet of Things Published on: 27 January 2015 Advice for businesses about building security into products connected ...
Read More
Read More
NCC – Cybersecurity of Things (IoT)
Organization: NCC Group Reference: Security of Things: An Implementers Guide to Cyber Security for Internet of Things devices and beyond Published on: 8 April 2014 The paper takes the ...
Read More
Read More
Architectural Reference Model for the IoT v3.0
Organization: Internet of Things - Architecture Reference: Architectural Reference Model for the IoT v3.0 [PDF] Published on: 15 July 2013 IoT-A, the European Lighthouse Integrated Project created the proposed ...
Read More
Read More
For over 30 years, Marin Ivezic has been protecting people, critical infrastructure, enterprises, and the environment against cyber-caused physical damage. He brings together cybersecurity, cyber-physical systems security, operational resilience, and safety approaches to comprehensively address such cyber-kinetic risk.
Marin leads Industrial and IoT Security and 5G Security at PwC. Previously he held multiple interim CISO and technology leadership roles in Global 2000 companies. He advised over a dozen countries on national-level cybersecurity strategies.
