Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, announced its contribution to the new Security Maturity Model (SMM) Practitioner’s Guide, published by the Industrial Internet Consortium (IIC). The Practitioner’s Guide provides detailed actionable guidance enabling IoT stakeholders to assess, manage and mature the security of IoT systems.
Building on concepts identified in the groundbreaking IIC Industrial Internet Security Framework published in 2016, the SMM defines levels of security maturity for a company to achieve based on its security goals and objectives as well as its appetite for risk. Organizations may improve their security state by making continued security assessments and improvements over time, up to their required level.
Entrust Datacard is pleased to contribute its expertise in security, identity and data protection to the SMM Practitioner’s Guide. Sandy Carielli, director of security technologies for Entrust Datacard, co-authored the new SMM Practitioner’s Guide in conjunction with other security leaders who are also members of the IIC.
“The Security Maturity Model is a valuable resource that will help organizations prioritize their IoT security investments,” said Sandy Carielli. She continues, “Entrust Datacard understands the importance of building and maintaining a trusted IoT ecosystem. The SMM Practitioner’s Guide will provide organizations with detailed guidance and specific milestones to assess their progress against security targets.”
The practitioner’s guide includes tables describing what must be done to reach a given security comprehensiveness for each security domain, subdomain and practice and can be extended to address specific industry or system scope needs.
The SMM was designed to be extensible, with the authors providing a framework for organizations to add any necessary industry- and system-specific considerations to each table. Critically, the practitioner’s guide offers many opportunities for organizations to consider how to apply the concepts, including short examples after each table and three full length case studies.
“The IIC member authors, including Entrust Datacard, have developed an outstanding document to help organizations determine the level of security they need with practical advice and examples,” said Stephen Mellor, CTO, IIC. “There is nothing like this available in the industry.”