The IoT Security Maturity Model defines levels of security maturity for a company based on its security goals and objectives and on its appetite for risk. IIC says it enables decision makers to appropriately invest to meet their specific security requirements.
The white paper is an introduction to the Security Maturity Model’s concepts and the Practitioner’s Guide provides “detailed, actionable guidance IoT stakeholders can use to assess and manage the security maturity of their IoT systems,” according to the IIC.
The co-author of the model and chair of the IIC Trustworthiness Task Group, Frederick Hirsch, said: “We’ve improved the clarity and usefulness of the Practitioner’s Guide by adding new guidance to the numerous practice tables, clarifying scoring and the case studies, and more – without changing the underlying model.
“The improvements are based on experience and feedback, including from training sessions. We’ve updated the white paper correspondingly.”
The IIC has also released a Retail Profile for Point-of-Sale Devices targeted specifically for the retail industry, aligned with the model.
It says it is collaborating with other industry groups to develop additional industry profiles and extend the model further.