The ISMS Forum has created a cybersecurity seal for the Internet of Things

The Spanish Association for the Promotion of Information Security (ISMS Forum), made up of a hundred organizations in the technology sector, has created a cybersecurity seal for the Internet of Things that is equivalent to a guarantee mark.

This seal contains several domains that cover technical aspects such as firmware security, remote update policy, as well as remote inspections, security by design, privacy from a legal point of view, security in communications or the guarantee of security throughout the entire product lifecycle.

To obtain this certification, manufacturers must complete a self-assessment using a technical form and undergo an audit by the ISMS Forum. This initiative aims to extend the certification to the European level in the near future, and the ISMS Forum intends to partner with the National Cybersecurity Institute (INCIBE) as its representative to the European Union to ensure that internet security, particularly for devices used by citizens in their homes, receives the attention it deserves.

According to INCIBE, the most common method of device infection comes from installing applications from sources other than the official app store. Devices most susceptible to attack are those with a vulnerable operating system and a camera and microphone, as in these cases cybercriminals could record the user's speech and capture video without their knowledge.

Jorge Hurtado, Cybersecurity Director at the consulting firm Capgemini and leader of the initiative, laments that: “The problem is that governments leave regulation until the last minute, citizens are unaware of security measures, and since security has no added value and there is no law for it, manufacturers do not implement it.”.