The growing expansion of the IoT has led to an unprecedented increase in the number of connected devices. Which has generated a greater dependence on these devices, as well as the need to improve cybersecurity.

This stands out in the Check Point report, where only 11% of the Spanish SMEs consulted, has a complete IoT security solution, compared to 52% that is completely unprotected.

“With the introduction of Quantum IoT Embedded we seek to help manufacturers to protect their devices with the minimum effort,” says Eusebio Nieva, technical director of Check Point Software for Spain and Portugal. “The solution includes a risk assessment service and the Nano agent independent solution in IoTs to provide real -time protection against cyber attacks”

Cybersecurity in IoT

Governments around the world have introduced regulations to improve the safety of IoT devices and protect personal information stored in them. In the United States, the IoT cybersecurity improvement law and Biden administration issued an executive order to improve national cybersecurity were approved.

For their part, in the European Union, the Cybersecurity Law and the Cyber Resilience Law have been introduced, together with the General Data Protection Regulation (GDPR) to guarantee the proper protection of personal data.

On this, the company has identified six key elements that IoT devices manufacturers must implement to comply with new safety regulations and standards:

  • Software updates: Manufacturers must provide the firmware updates option and guarantee their validity and integrity, especially for security patches

Despite its growing popularity and extension of use, Check Point Research points out that only 11% of Spanish SMEs currently have a complete IoT security solution

  • Data protection: The regulations follow the concept of “data minimization”, collecting only those necessary with the user’s consent and safely managing and storing confidential data in an encrypted manner
  • Risk assessment: Developers must follow a risk management process during the design and development phase and throughout the product life cycle, including the analysis of common vulnerabilities and exhibitions (CVE) and the publication of patches for new vulnerabilities
  • Device configuration: The devices must be released with a default security configuration and have eliminated hazardous components, closed interfaces when they are not in use and a minimized attack surface through the “minimum privilege principle” for processes
  • Authentication and authorization: Services and communication must require authentication and authorization, with protection against brute force login attacks and a password complexity policy
  • SAFE COMMUNICATION: Communication between IoT assets must be authenticated and encrypted, using safe protocols and ports
Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.