The Telecommunications Industry Association (TIA) has extended an invitation for global organisations to join its Supply Chain Security Working Group within the QuEST Forum community.
This initiative aims to enhance the TIA SCS 9001 standard, incorporating aspects of IoT supply chain security. SCS 9001 represents the inaugural Supply Chain Security Management System focused on directly addressing the increasing risks of cyber attacks within the supply chain. TIA is keen to involve stakeholders from the IoT ecosystem to contribute their knowledge and skills to refine and advance SCS 9001, particularly in IoT supply chain security. The first meeting for the IoT subgroup is scheduled for 26th March.
Dave Stehlin, CEO of TIA, highlighted the current challenge of lacking a unified, globally recognised standard for managing risks in IoT supply chain security. “Equipment and service providers, software and cyber security firms, IT and OT organisations, e-commerce companies, and others are encouraged to engage in this pivotal workgroup. Their insights and expertise will be instrumental in creating a comprehensive global standard that ensures a secure and trustworthy IoT supply chain.”
TIA, with over 80 years of experience in developing and managing technical standards for the ICT industry, is poised to extend its legacy of trust and value to the IoT workgroup, building on the foundation laid by the recently introduced SCS 9001 cyber/supply chain risk management standard.
The surge in connected devices globally is projected to reach over 29 billion by 2027, marking a significant increase from the 16.7 billion sensors recorded in 2023. These devices find application across various settings, from consumer electronics like smart appliances to industrial and healthcare environments, underscoring the critical need for a universal security standard for IoT systems and devices. With 80% of businesses incorporating IoT into their operations, the urgency for such standards is evident.
The rise of IoT technology introduces new cybersecurity challenges, necessitating enhanced protection measures for enterprise infrastructure. A 2023 IBM report noted that detecting a data breach takes an average of 207 days, with a resultant cost exceeding $4 million. Recent cyberattacks on industries such as manufacturing and energy underscore the vulnerabilities in the current security landscape.
To combat these challenges, initiatives such as the US Cyber Trust Mark program, the UK Product Security and Telecommunications Infrastructure Regulation, and the EU Cyber Resilience Act aim to improve IoT security. These efforts focus on raising consumer awareness and addressing common vulnerabilities, but there is a need for a more comprehensive approach that addresses IoT technology within the complex supply chain.
Mike Regan, Vice President of Business Performance at TIA, remarked on the importance of a unified standard like SCS 9001 to streamline market access and embed robust security measures in IoT products to mitigate cyber threats effectively.
As the landscape of cyber risks continues to evolve, it is imperative to focus on IoT security at the supply chain level. Various organisations, including network operators, equipment manufacturers, and software developers, have pledged their participation in the workgroup, recognising the importance of collaborative efforts to enhance supply chain security in the IoT domain.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.