ISO, together with the International Electrotechnical Commission (IEC), published ISO/IEC 30141, the world’s first harmonizing standard reference architecture for the Internet of Things (IoT) – the complex assemblage of billions of smart devices connected through the Internet. Applying the standard will make the IoT more effective, safer, more resilient and much more secure. ISO/IEC 30141 provides an internationally standardized reference architecture for the IoT. It contains a standardized vocabulary, reusable concept maps and best practices for the industry.
It is recommended that IoT designers and application developers use this standard as a basis for developing IoT solutions to ensure the security of their solutions and to put data confidentiality on a solid basis. From a legal risk management perspective, we also recommend that companies ensure that IoT systems comply with published standards.
Standards play an important role in the assessment of due diligence and liability standards, particularly in the area of cyber risk. For example, the Federal Office for National Economic Supply (FONS) has published a minimum ICT standard for ICT security. The standard is aimed at operators of critical infrastructures (such as energy, electricity, drinking water, road and rail transport), but also has an impact on normal companies. The minimum ICT standard was developed on the basis of the international NIST framework. The FONS has also issued specific industry standards, e.g. a standard for electricity companies together with the Association of Swiss Electricity Companies (VSE).