SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
NCC Group chosen to help improve IoT security standards for all sectors
Thu, 25th Jun 2020
FYI, this story is more than a year old

NCC Group has been chosen as an Authorised Lab by the IoXt Alliance, tasked with improving security standards for internet of things (IoT) right from the product development phase.

IoXt Alliance is an industry group dedicated to enhancing multi-stakeholder security and privacy requirements, product compliance programs, and public transparency when it comes to IoT.

NCC Group will provide third-party validation and testing of relevant products for the Alliance's Certification Program, which ensures adherence to the recommended security practices.

More specifically, as an Authorised Lab, NCC Group is responsible for conducting the comprehensive technical security testing required for devices to earn the ioXt Certification Mark.

This is given when a device meets the minimum requirements across each of the eight ioXt Pledge Principles in its designated product profile.

While organisations are permitted to self-certify through a baseline layer, many choose to retain an Authorized Lab to conduct the certification, the company states.

According to the company, NCC Group is uniquely qualified to perform this critical function as it is specifically focused on security.

As such, it presents an advantage for those seeking to go beyond the baseline ioXt profiles, which cover common vulnerabilities such as inadequate password security practices which allow botnets to take down websites and other crucial business foundations.

For its part, NCC Group has amassed extensive experience in IoT security in recent years, working with enterprises in a wide range of industries, building and implementing IoT devices (through its hardware and embedded security services practice), as well as backend services and IoT infrastructure.

This brings a holistic view to each IoT-related engagement. In particular, NCC Group has long worked with product developers to embed security early in the process to provide benefits to the user community at low cost.

NCC Group technical VP Rob Wood says, “At NCC Group, security is in our DNA and that's why we're excited to work with the ioXt Alliance in raising security standards within the IoT ecosystem.

“We look forward to applying our expertise to help ensure that security is embedded early in the IoT product development process, and that all companies are able to comply with the security requirements that are developed.

IoXt CTO Brad Ree says, “I am excited to have NCC Group join the ioXt Alliance Authorised Lab program.

“They have a long and outstanding history in product and compliance testing, along with great cybersecurity expertise on a global scale that will undoubtedly serve our program well and further support our mission moving forward.