IT disaster recovery, cloud computing and information security news

New Controls Framework provides guidance for managing IoT risks

The Cloud Security Alliance (CSA) has announced the release of its new IoT Controls Framework, which introduces the base-level security controls required to mitigate many of the risks associated with an IoT system operating in a range of threat environments.

Created by the CSA IoT Working Group, the new Framework, together with its companion piece, the Guide to the CSA Internet of Things (IoT) Controls Framework, provide organizations with the context in which to evaluate and implement an enterprise IoT system that incorporates multiple types of connected devices, cloud services, and networking technologies.

With the implementation of increasingly complex IoT systems organizations need clear guidance to identify appropriate security controls and allocate them to specific components within their system. These components include but are not limited to simple sensors, simple actuators, edge devices, fog computing, mobile device/application, on-premise intermediary device, cloud gateway, and cloud app/service.

Utilizing the Framework, user owners will assign system classification based on the value of the data being stored and processed and the potential impact of various types of physical security threats. Regardless of the value assigned, the Framework has uses across numerous IoT domains from systems processing only ‘low-value’ data with limited impact potential, to highly sensitive systems that support critical services.

Obtain the IoT Controls Framework and the Guide (registration required).



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.