Expansion for an SME-focused IoT cyber security programme
This story was covered by Digit on 28 February 2022
Thanks to new funding from the Scottish Government, CENSIS will expand its existing IoT Secure programme to help more Scottish SMEs, spin-outs, and start-ups get to grips with cyber security matters relating to IoT products and services.
After a successful first year that saw more than 20 companies receive free guidance and advice from CENSIS, additional funding was secured to continue running the programme over the next 12 months. Another 20 companies will have the opportunity to take part, from developers of IoT products and services to end-users and businesses looking to introduce new IoT-led processes.
Announced during CyberScotland Week (28 February – 6 March 2022), the funding will provide an accessible avenue for SMEs to receive cyber security advice on a one-to-one, tailored basis. CENSIS will work with companies at any stage of product, service or process development to identify their needs and challenges, provide advice and guidance and create an action plan that can be regularly reviewed to track progress.
Navigating upcoming changes to cyber security legislation will form a core element of the support. The Product Security and Telecommunications Infrastructure (PSTI) Bill includes a range of new regulations for connected devices that CENSIS can help businesses to understand and prepare for.
The funding will also cover a pilot workshop that will see university students engage with a Scottish company and collaborate to solve IoT cyber security challenges, potentially leading to future work placements and a wider rollout across other Scottish universities. It follows a successful vulnerability pilot held in partnership with Abertay University last summer, which brought together students from a range of disciplines to work through a real-world, practical cyber resilience challenge.
Cade Wells, Acting Business Development Director at CENSIS, said: “IoT comes into so many aspects of our lives: at home, at work and in public infrastructure and the market is growing at pace. This year SMEs will find that IoT cyber security is much more of a priority, with legislation changes coming soon. Our goal is to help companies to understand what this means for their products and services, ultimately helping to share best practice and create high quality, secure IoT devices.
“We’re looking to work with a range of companies on a flexible consultancy basis, offering a hotline for people to get in touch and ask for help as and when they need it. That said, the support programme will likely follow a three-stage approach: initial conversations and advice, and the development of an action plan, followed by regular updates and revisiting the plan when new challenges arise. We’ll also connect SMEs to other organisations and experts in our community to help tackle any cyber security and resilience issues.”
CENSIS is a core partner of the CyberScotland Partnership, a collaborative network focused on improving cyber resilience and delivering the Scottish Government’s Strategic Framework for a Cyber Resilient Scotland. Its aims include knowledge-sharing and raising awareness of cyber threats, providing support and guidance, and collectively supporting the cyber security community.
Among the businesses that benefited from CENSIS’s cyber security guidance as part of last year’s IoT Secure programme was M2M Cloud, the Dundee-based IoT technology company. Scott Edgar, Operations Director, said: “Certification and legislation can be some of the more complex aspects of developing IoT devices and processes and we were grateful to have CENSIS to guide us and offer advice on various aspects of standards and requirements. The team put us in touch with other organisations that could offer valuable support, as well as supporting us through key stages of the Information Assurance for Small and Medium Enterprises (IASME) IoT Security Assured scheme – an industry-leading certification process for manufacturers to verify device security.”
SMEs, start-ups, spin-outs and companies interested in CENSIS’s free IoT cyber security support can apply by emailing cade.wells@censis.org.uk