Singapore’s IMDA issues IoT cybersecurity guide

The Infocomm Media Development Authority (IMDA) in Singapore published a new Internet of things (IoT) cybersecurity guide to assist IoT developers, vendors, and users. The guide deals with two main issues: system acquisition and development; and operations and maintenance management. The guide provides a set of baseline security recommendations for all three groups based on four IoT security design principles: secure by defaults, rigor in defense, accountability, and resiliency. The guide also provides a suggested checklist for threat modelling and a list of security questions that developers, vendors, and users can use for identifying the security capabilities of various IoT solutions and products.