Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Smart home security and privacy guidelines addressing multi-vendor interoperability, voice assistant security, and residential IoT protection 1. Introduction to ISO/IEC 27403:2023 ISO/IEC 27403:2023 provides IoT security and privacy guidelines specifically tailored for domotics (smart home) environments. Published as part of…
Standardised cybersecurity labelling framework for IoT products with 1-5 star ratings, conformity assessment, and market implications 1. Purpose of ISO/IEC 27404:2024 ISO/IEC 27404:2024 defines a cybersecurity labelling framework for IoT products, enabling consumers and procurement professionals to make informed security…
A comprehensive engineering guide to Privacy Impact Assessment methodology 1. Introduction to ISO/IEC 27551:2022 ISO/IEC 27551:2022 provides structured guidelines for conducting Privacy Impact Assessments (PIA) within any organization that processes personally identifiable information (PII). Published as part of the ISO/IEC…
Framework and principles for privacy-preserving online authentication 1. Scope and Purpose of ISO/IEC 27553-1 ISO/IEC 27553-1:2022 establishes a comprehensive framework for the use of personally identifiable information (PII) in online authentication systems. As digital services increasingly rely on identity verification…
A Strategic Framework for Managing Cyber Risk through Insurance ISO/IEC 27102: A Strategic Framework for Cyber Insurance ISO/IEC 27102 provides guidelines for information security management regarding cyber insurance. As cyber threats grow in frequency and sophistication, organizations increasingly turn to…
A comprehensive framework for cybersecurity and privacy protection in IoT ecosystems 1. Scope and Purpose of ISO/IEC 27400:2022 ISO/IEC 27400:2022 provides comprehensive guidelines for cybersecurity, privacy, and data protection in the Internet of Things (IoT) ecosystem. Published by ISO/IEC JTC…
Baseline security requirements for IoT devices and gateways with capability class framework 1. Overview of ISO/IEC 27402:2023 ISO/IEC 27402:2023 specifies baseline security requirements for IoT devices and IoT gateways. Unlike the guideline-level 27400, this standard defines concrete, auditable requirements organised…
Preparing Your Organization for Legally Defensible Electronic Discovery Introduction: The Imperative for E-Discovery Readiness ISO/IEC 27050-4 addresses a critical operational capability for modern organizations: ICT readiness for electronic discovery. When litigation, regulatory investigation, or internal audit triggers a legal hold…
Requirements for establishing trust frameworks for identity management and digital services ISO/IEC 27070:2021 specifies requirements for establishing trust frameworks that enable interoperable identity management and secure digital services across organizational and national boundaries. A trust framework is a standardized set…
Building a Foundation of Trust in the Internet of Things Era Introduction: Trust in a Hyperconnected World ISO/IEC 27071 addresses one of the most pressing security challenges of the connected era: establishing trusted connections between devices and services. As the…