For a serious integration of IoT into your business model, an early discussion about the necessary security level and the associated risks is a significant success factor. That is why we recommend and follow the "Security & Privacy by Design" approach.
The Security Whitepaper supports you in deciding whether your risks are sufficiently addressed, where optional further steps can be a worthwhile investment and what the process design can look like.
Information security takes a three-dimensional approach to protecting information. Each dimension deals with different threats and requires specific countermeasures depending on the importance of the asset. The general equation for calculating risk is:
Asset + Threat + Vulnerability = Risk
Information security goes much further than securing the systems themselves. From staff awareness and classification to access restrictions of information and devices. The ISO/IEC deals with the requirements for an information security management system and its implementation.
In order to be able to classify threat models accordingly, the system architecture of IoT solutions must be considered in detail. A seamless integration of security measures goes beyond system boundaries and all organisational units. A serious security discussion requires a comprehensive consideration of all threats as well as countermeasures.