Securing the Internet of Things Together

The rapid spread of networked products and devices – or Internet of Things (IoT) devices – puts cybersecurity at the centre of attention across sectors. In Smart Cities, Smart Homes, and Smart Manufacturing, or Industry 4.0, IoT devices need to be protected against intentional perpetrators as well as from unintended use. With IoT becoming more ubiquitous, much is at risk: the confidentiality of personal information, the integrity of data, along with the functioning of services and systems.

India and Germany decided to explore their potential alignment of cybersecurity regulations, and corresponding standards and certification. This discussion paper includes a comparison of regulatory approaches for IoT device security in India, Germany, the European Union (EU), and beyond. Specifically, it elaborates on the role of standardisation and conformity assessment in these regulations. It highlights key considerations for policy-makers in this emerging field and aims to deepen the international discourse on harmonised approaches to securing IoT devices.

The discussion paper was developed by the Global Project Quality Infrastructure (GPQI) of the German Federal Ministry for Economic Affairs and Energy (BMWi) in cooperation with the Bureau of Indian Standards (BIS) and the Data Security Council of India (DSCI).