European network and infosec agency ENISA has taken a look at Internet of Things security, and doesn’t much like what it sees.
So it’s mulling a vendor’s nightmare that the US and UK dared not approach: security regulation – at least the minimal regulation of testing and certification.
In a position paper published Monday, the group says there is “no level zero defined for the security and privacy of connected and smart devices,” no legal guidelines for IoT device and service trust, and no “precautionary requirements in place.”
In other words, to readers familiar with the woe The Register has chronicled over the years, it’s an Internet of S**t.
The paper reckons IoT security needs bottom-to-top baseline requirements, from simple devices all the way up to complete systems (it cites connected cars and factories as examples of the latter).
For Full Story, Please click here.