Just as with hardware security expertise, general cybersecurity expertise is hard to attract and retain. Since many traditional manufacturers are pivoting to add connectivity to their product lines, there is often a lack of the security-engineering skills needed to transform products and their associated interfaces securely.
You will need security practitioners who can:
- Define the vision for a secure IoT system/device, and translate that vision into a strategic approach
- Identify applicable industry regulations and derive system requirements to aid in compliance
- Threat-model your system/device and complete a risk management process
- Adopt and tailor a secure development process, and ...