Welcome to the home of the ManySecured Gateway Project
ManySecured Gateway Project
The ManySecured project’s aims are to:
- to protect consumers, organisations and industry from the security risks posed by Internet of Things (IoT) devices
- secure the IoT through security collaboration and innovation at the gateway
The ManySecured Gateway project partners will develop publicly available best practice, specifications and resources aimed at router/IoT gateway vendors, service and solutionproviders, in a bid to deliver IoT-secured deployments which are resilient to attack throughout their lifecycle.
The ManySecured partners will define collaborative information sharing protocols, IoT fingerprint data, techniques and technical integration layers to make wide scale deployment and impact possible.
Founding partners in the project include Cisco, IoT Security Foundation, NquiringMinds and the University of Oxford.
Collaboration is essential to ensure Interoperable security, no one company can do it alone.
To facilitate this collaboration, the IoT Security Foundation has created the ManySecured Special Interest Working Group (SIG) and we are looking for organisations and people to join with the aim to:
- Produce Best Practice recommendations in the areas of Gateway Foundations, Secure Comms, Update Management, Network Isolation
- Develop and publish Problem Statements, Whitepapers, Requirements and Solutions
- Define methods and algorithms to monitor, detect threats and suspicious activity in IoT devices and networks
- Share datasets for: test purposes, malware trace data, fingerprints and patterns, sample network traffic of vulnerable and compromised devices
- Create reference (Open Source) implementation solutions
- Develop a ManySecured Certification Program
- Run trials with end users, customers and key stakeholders
If you would like to learn more and are interested in joining the SIG, please CONTACT US.
The IoT, an opportunity for inovation
The emergence of the Internet of Things is a manifestation of technological progress – two key mega-trends are the pervasive use of communications (hyper-connectivity), and the ubiquity of software defined (or smart) products. Combined, these continuous trends provide huge opportunity for innovation across all market sectors as they yield benefits for society, economies, enterprise and consumers.
… and a potential risk
However, it is also true that ‘all technology is dual purpose’, and whilst IoT is an exciting proposition when used as intended, it may also be used as a weapon against us if systems are not kept secure enough. There is a long list of challenges to achieving this goal including cost, complexity, ownership, inter-dependency, legacy, interoperability, life-cycle, updates and… the list goes on.
Seen through the eyes of nefarious, the continuous expansion of IoT provides a never ending opportunity to hack vulnerable things. It’s an asymmetric problem – you cannot win as a defender and attackers may only need to get lucky once to achieve their goal. New targets appear every day and when those targets are no longer of interest, hackers are nimble and move quickly onto the next opportunity. Security is never done, and the available human resources to be ever-vigilant and keep on top of the issues do not scale in the same way the technology does. We need more scale. We need more speed. We need constant vigilance designed in to systems that work for us and not against us. We need constant security, at scale and at speed.
The ManySecured Gateway project is a response to address many of those challenges and recognising that security has to protect legacy devices, as well as the new, then upgrading automatically when new vulnerabilities are discovered.
But why ManySecured?
A key principle behind the project is to exploit the potential of industry, and technology, to work collaboratively together on security issues. Whilst the ManySecured Gateway project has four founding partners, it is intended to create a community of manufacturers, ecosystem stakeholders and users to reach the scale required to surpass the speed and agility of a smaller, yet determined variety of bad actors.
The ManySecured Gateway project is by the many (stakeholders), for the many (users).