The Internet of Things (IoT) offers a wide range of consumer benefits – from the ability to control your thermostat or light fixtures through a smartphone, to an Internet-connected home security system, to wearables such as Internet-connected fitness bands and watches and beyond. To help realize the full innovative potential of IoT, users need reasonable assurance that IoT devices and applications will be secure.
One particular area of concern is whether and how to address potential security vulnerabilities in IoT devices or applications through patching and security upgrades. In the early IoT market, there has sometimes been limited consideration for supporting future security patches, even though many devices will eventually need them. Enabling a thriving market for devices that support security upgrades requires common definitions so consumers know what they are getting.
Currently, no such common, widely accepted definitions exist, and manufacturers can struggle to effectively communicate to consumers the security features of their devices. This is detrimental to the digital ecosystem as a whole, as it does not reward companies that invest in patching and it prevents consumers from making informed purchasing choices.