President’s Corner
Leading and Informing in the IoT Space 

Welcome to the first issue of the ioXt Alliance Newsletter. There is much to report on the Alliance, our member companies and the security world as a whole.

We look forward to bringing you information quarterly that helps keep you up to date.

First, I am pleased to announce the expansion of the ioXt Compliance Program. The Program is based on the ioXt Pledge, but also includes several device-specific profiles, such as Android-enabled devices and smart speakers. Devices may be certified through ioXt certified test labs or through the world’s first bonded manufacturer certification process, which leverages the global hacker community to validate compliance claims. Please visit the portal at ioXtAlliance.org.

Second, for those who are unaware, the Alliance has three very active workgroups: Marketing, Public Policy Awareness and Compliance.

Each meets regularly and is open to all Contributor level members. Workgroup meetings are highly interesting in their own right, and I encourage you to join the conversations.

Third, in the newsletter section “Hack of the Quarter,” we will be featuring a notable hack and including links to related articles. To dive deeper, please access the technical disclosures posted in the ioXt Alliance member portal.

Thank you again for being part of the ioXt Alliance, the Global Standard for IoT Security. Together, we make the world a safer, more cyber-accountable place.

Brad Ree 
CTO at ioXt

Message from the Board

Dave Kleidermacher
VP, Android Security & Privacy for Google

Arguably the biggest challenge facing the security, privacy, and safety of the IoT is the lack of transparency regarding security quality of connected devices. In the 1800s, before the FDA, snake oil ran rampant and consumers could not make informed decisions to protect their health and wellbeing. The lack of a trustworthy “security nutrition label” has put the digital world in a similar dangerous position. Without high quality standards and scalable compliance programs that provide transparency about the security capabilities of products, poor quality implementations continue to flood the market unimpeded, and consumers are unable to make informed decisions to help protect their health and wellbeing.

The Internet of Secure Things alliance brings together leading tech companies and connected device consortia to create the first broad, international, industry-driven baseline security standard and compliance program for IoT devices, including smartphones, webcams, smart lighting, and many other products. I’m proud to be part of an effort that has great potential to be the tide that raises all boats in building a safer, more productive IoT.

Member Company Feature

Cybellum
Cyber Security Risk Assessment
for Automotive Components

Cybellum provides automatic cybersecurity risk assessment solutions that specialize in the automotive world. By working closely with major automotive manufacturers, the company has developed a deep understanding of security threats to connected cars. Says Eddie Lazebnik, Head of Strategy at Cybellum, “The automotive industry is facing a digital revolution. Vehicles, like other IoT devices, are highly connected—forming the Internet of Vehicles (IoV).” This transformation multiplied the risk and uncertainty levels. Securing software through a complex supply chain comes with surmounting challenges such as closedsource software and increased regulation. These challenges can only be resolved with collaboration across companies and industries. Sharing this vision, I am glad to contribute to the ioXt Alliance community from the experience and expertise that Cybellum brings.”