Podcast: Play in new window | Download (Duration: 26:13 — 36.0MB) | Embed
Subscribe: Google Podcasts | Email | RSS
In this episode of the podcast (#186) we do a deep dive on the new IoT cyber security rating system from Underwriters’ Lab. We talk with experts from GE Appliances about the process they used to obtain UL certification for a range of smart home appliances, managing device security over the decades and how a cyber security rating system may influence consumers’ behavior.
Internet of Things (IoT) devices have been cropping up on home, business and enterprise networks for years. In 2020, their security – or lack of it – has becoming a major headache.
Organizations seemed to have grasped this. A recent survey by the Ponemon Institute, in fact, found that 61% of respondents said it was “likely” or “highly likely” that, in the next 24 months, their organization would experience a data loss or theft due to an IoT devices or application that was not secure. That figure was up from just 48% of respondents who believed that in 2017.
Smart Homes May Hide Crypto Mining Schemes
Consumers, also, apprehend that the security of their home surveillance cameras, connected appliances and other smart home technologies matter. Horror stories like those of the hacker who took over a Ring camera inside a small girl’s room have implanted themselves in the psyches of anxious parents – as well they should.
One Certification to Rule them All
The problem to date has been that no easy way existed to measure security in these products. Absent some kind of security mark or certification, how are consumers to know which smart dish washer is running an out of date version of Linux that can’t be patched? Looked at a different way: how will they know to choose the device that has implemented security best practices in its design, default configuration and deployment?
Enter Under Writers Laboratory., or UL. Over the past few years, the organization, which has been certifying the safety and security of products for generations, has been rolling out an IoT cyber security rating system. At this year’s CES conference, UL announced that GE Appliances would be the first to carry the UL cyber security rating.
Do Consumers Care?
But what does that mean, exactly? And will consumers change their buying habit to reward cyber secure products? To talk about it, we invited representatives from both UL and GE Appliances into the Security Ledger studios to talk.
With us in the studio for this week’s podcast, we have Shawn Stover, Executive Director of SmartHome Solutions for GE Appliances, John Ouseph, Technology Senior Executive of SmartHome Solutions for GE Appliances and Gonda Lamberink, Global Senior Business Development Manager, UL.
New IoT Security Regulations on Tap in U.S., U.K.
In this conversation, we talk about the new IoT Rating System from UL and its different levels. We also talk about the process used by GE Appliances to win Gold Certification and about the future of cybersecurity ratings for consumer products and how manufacturers like GE Appliances will support the cyber security of their products over the long term.
As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloud, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.
Pingback: How NIST Is Securing The Quantum Era | The Security Ledger