Recommendation ITU-T Y.4806 officially came into play in January 2018. This is a new international standard on “Security capabilities supporting safety of the Internet of Things (IoT).
Recommendation ITU-T Y.4806 was developed by a Study Group 20 “IoT and smart cities and communities” of ITU’s Telecommunication Standardization Sector (ITU-T). This new standard classifies security issues for IoT, while examining possible threats for security systems. It also differentiates the safe execution of IoT cyber-physical systems supported by security capabilities.
Kaspersky Lab, as a member of ITU-T Study Group 20, was one of the key contributors to the development of Recommendation ITU-T Y.4806.
During the study, Kaspersky Lab researchers showed that non-computing connected devices incidents are among the top-3 incidents with the most severe financial impact. Impacting both SMB and enterprise organizations, this is going to increase every passing day. In the wake of the recent TRITON attack targeting industrial control systems, it became obvious that attacks on cyber-physical systems can affect not only the information aspects, but also functional safety.
Considering the current prevalence of IoT threats, Kaspersky Lab ICS CERT experts actively contributed to the development of Recommendation ITU-T Y.4806. The experts provided up-to-date specific recommendations for IoT framework security.
Recommendation ITU-T Y.4806 is mostly applicable to safety-critical IoT systems, such as industrial automation, automotive systems, transportation, smart cities, and wearable and standalone medical devices. Additionally, Recommendation ITU-T Y.4806 considers how the joint analysis of threats and security capabilities mentioned herein may be used to establish security requirements for the different applications of the IoT.
“In the wake of the recent TRITON attack targeting industrial safety systems, it became obvious that attacks on cyber-physical systems can affect not only the information aspects, but also the functional safety. Our aim was not only to plant the flag on the idea of high probability of security breach attacks, but also to determine the methodology for developing specific requirements. We believe that our contribution to ITU-T’s IoT security standard (Recommendation ITU-T Y. 4806) will help organizations develop more efficient cyber security strategies to fully face up to modern cyber threats,” – added Andrey Doukhvalov, Head of Future Techs, Kaspersky Lab. Read more…