In a bid to beef up security around the burgeoning realm of the Internet of Things (IoT), product safety testers Underwriters Laboratories (UL) launched new standards to test web-connected devices for vulnerabilities.
According to the Christian Science Monitor, UL’s move to begin scrutiny of IoT systems follows the Cybersecurity National Action Plan launched by the White House in February. UL’s standards for monitoring IoT devices was developed with the help of several government departments.
UL began over a century ago to test the safety of consumer products, and today its logo is found on everything from TVs to fire alarms. And while its original goal was to test for products for fire safety, UL’s move into IoT security testing opens up a new
Will Underwriters Labs see the big picture?
However, cybersecurity experts are concerned that UL’s security standards are only able to address one aspect of a larger problem relating to securing vulnerable software.
“There’s so much in the software it’s impossible to certify every little component of it,” said Errata Security president Robert Graham. “It’s like you’re trying to certify an aircraft carrier by only looking at the outside shell of the boat.”
Web security specialists have often raised the alarm that connected device manufacturers are not including enough security in IoT components. The laxity in security measures is leaving an opening for hackers to target municipal networks and vital utilities through unsecured devices.
And as the IoT market expands at a rapid pace, more and more industrial and consumer devices are coming online that need securing. Research company Gartner predicts that by 2020 the number of IoT devices will rise from the current 6.4 billion to 20.8 billion.
As well, a recent study by MarketResearchReports.biz shows they expect annualized growth in the IoT security market will reach nearly 55% through 2019.