AUSTIN, TX – FEBRUARY 25, 2019 – Praetorian, the expert in cybersecurity solutions, today announced its contribution to the new Security Maturity Model (SMM) Practitioner’s Guide, which provides detailed and actionable guidance for Internet of Things (IoT) stakeholders to assess current security state, set appropriate security targets, regularly measure against them and prioritize investments accordingly. Matthew Eble, practice director of IoT security services for Praetorian, co-authored the new SMM Practitioner’s Guide in conjunction with other security leaders who are also members of the Industrial Internet Consortium® (IIC™).
Security is critical for the next wave of technological innovation to reach its full market potential, but not all industries or IoT systems require the same level of security maturity. The goal of a SMM is to provide a risk-informed path for owners of IoT systems, decision makers, security leaders in various verticals, and other stakeholders to know where they need to be and how to most effectively focus security resources and investments.
The SMM extends the widely utilized IIC Industrial Internet Security Framework published in 2016 by delivering actionable guidance to help IoT stakeholders assess target security state, current security and practices to bridge the gap between them. Organizations improve their security state by making continued security assessments and improvements over time commensurate with their unique risk profile.
Praetorian provides end-to-end IoT product security assessments that help organizations—such as Microsoft Azure IoT, Google, Samsung IoT,GE, Allegion, and Silicon Labs—successfully balance risk with time-to-market pressures. The new SMM provides Praetorian with industry-recognized methodologies for helping customers identify the current security state of IoT solutions and target the appropriate level of security maturity comprehensiveness and scope based on specific industry domains.
“Similar to how the NIST Cyber Security Framework has provided a path for risk-informed decisions at the enterprise level, the SMM provides a framework for organizations to make rational decisions about securing IoT ecosystems,” Eble said. “It helps the organization to focus on those changes that will really move the needle, without wasting time and money on controls of marginal value.”
The full IIC Security Maturity Model Practitioner’s Guide and a list of IIC members who contributed can be found on the IIC website at https://www.iiconsortium.org/pdf/IoT_SMM_Practitioner_Guide_2019-02-25.pdf.