Should IoT Security Be Regulated By Industry or Government?

Date Published: August, 01, 2015

Author: Brandon Lewis

After a day full of security presentations, the audience for “The Biggest Challenges Faced by Developers” panel at IoT Evolution Developers Conference wasn’t changing gears. Whether the questions posed to David Kleidermacher of Blackberry; Cisco’s Chuck Byers; Christian Legare, Micrium; and the Trusted Computing Group’s Stefan Thom focused on the hardware level, the cloud, or the communications channels in between, the general consensus was “if you’re not already heavily invested in security you’d better be, if for no other reason than that legal teams are going to require evidence at one point or another.”

Specifics of the various tiers of IoT security are better explained in previous blogs that recap sessions by Kleidermacher, Thom, and Alan Grau of Icon Labs, as well as an upcoming piece covering a presentation conducted by Red Hat’s James Kirkland. However, Byers probably best summed up the gloomy climate, saying, “the stakes could never be higher … short of implementing security measures there will eventually be data breaches that cause the loss of life or have other societal repercussions that could result in the government or the press getting involved in implementing standards. I don’t know about you, but I’d rather have control over my job than have the government telling me how to do it.” This was a sentiment echoed by the other panelists.

While industry is starting to get proactive developing minimum requirements and looking for ways to provide an ROI on security technology so it can remain contained within the private sector, the simple fact is that we’re not there yet.

I’m interested in your take, as this is an issue that will affect us all, if it hasn’t already.

To read the full article, please click here.


Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more


Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read More