Many manufacturers of IoT devices regularly deploy updates, including security updates, while others may be less focused on development and security. In these cases, it could mean that support is not or no longer available. This in turn could mean that vulnerable equipment can not or no longer be updated, and thus remains vulnerable. The new domain of IoT device security therefore frequently requires additional insight and guidance. For this reason, this guide has been prepared.
This guide is the result of a collaborative effort between various experts from the worlds of industry, government and research. The guide aims to provide information security officers with an approach to ask the right questions for the benefit of more secure use of IoT.