The GSMA released guidelines designed to promote secure Internet of Things (IoT) service development and deployment, a sign that the mobile industry acknowledges a growing cybersecurity threat, as well as burgeoning consumer wariness around data privacy and IoT.

The document was developed through consultation with the mobile industry, including leading operators such as AT&T, China Telecom, Etisalat, KDDI, NTT Docomo, Orange, Telefonica, Telenor and Verizon and vendor 7Layers, Ericsson, Gemalto, Morpho, Telit and u-blox.

The rapid growth in IoT take-up increases the possibility of potential vulnerabilities, according to Alex Sinclair, the GSMA’s CTO. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed,” he added.

The guidelines have been designed for all participants in the IoT ecosystem including service providers, device vendors and developers.

As well as helping providers to build secure services from the outset, the guidelines also establish the need for assessing the risk of all components in an IoT service to ensure they are designed for secure data collection, storage and exchange.

The guidelines went through a consultation with academics, analysts and other industry experts.

“There is a significant amount of evidence to suggest that cyberattacks are already happening in the burgeoning IoT space. If not handled appropriately, these attacks are likely to inhibit the growth and stability of the Internet of Things,” said Don Bailey, founder and CEO of Lab Mouse Security, a US IoT security firm.

“The GSMA IoT Security guidelines compiles best practice recommendations for service development which if adopted will minimise opportunities for malicious exploitation and in turn will reassure market confidence and facilitate mass adoption,” said Angel David Garcia Barrio, VP M2M, Etisalat.

Mari-Noelle Jego-Laveissiere, senior executive for innnovation, marketing and technologies, Orange, noted another important consideration: “Consumers are becoming increasingly aware of security vulnerabilities and threats to their own digital identity and consumer protection will be a key consideration for adoption of IoT services.”