跳转至主要内容

27 July 2023 / by Semtech Product Security

当今互联的世界中,物联网 (IoT) 无处不在。随着这种增长,恶意行为者的安全威胁和利用尝试也越来越多,威胁到从关键基础设施运营商到依赖物联网设备确保安全和通信的住宅消费者等客户。美国政府最近发布的“改善国家网络安全”的行政命令 (EO) 在一定程度上应对这些风险。其方法包括为消费物联网产品引入网络安全标签,让供应商以一种清晰且通用的方式告知购买者这些产品中存在的安全特性和功能,以及可快速访问有关影响这些产品的任何漏洞信息的动态机制。通过让消费者更容易获取安全信息,该计划将让消费者做出更明智的物联网购买决策,并在我们日益共享的环境中提高安全性。

Recognizing the evolving threat landscape, Semtech continually expands and refines our Secure Development Lifecycle Programs to keep ahead of malicious actors, as well as operating a Vulnerability Management Program to ensure vulnerabilities in our products are addressed responsibly. Through our engagement with HackerOne (www.hackerone.com) to support responsible reporting of vulnerabilities and our certification as a CVE-Numbering Authority (CNA), Semtech demonstrates our continual commitment to ensuring the security of our products and our customers throughout their lifecycle. Both programs, along with our other cybersecurity initiatives, are well-aligned with the new cybersecurity labeling initiative, which makes it easier for responsible companies committed to the security of its products to empower customers with critical knowledge.

Semtech is committed to the continuous improvement of security across the sectors we support and the devices and components we manufacture. We strongly support this EO and the cybersecurity labeling for consumer IoT products and are committed to working with the U.S. government and our industry peers to define and support the criteria and conventions around cybersecurity labeling. Through the leadership of the U.S. government and the cooperation and partnership of responsible IoT manufacturers, this standard can be widely adopted in a form that reflects the spirit of the order and brings real security value to consumers.

Engaging with industry partners and governments is not new to Semtech, as evidenced by our collaborations with CISA, the Canadian Center for Cyber Security (CCCS), Infragard, CERT/CC, and consortiums like GSMA. Embarking on this journey alongside the U.S. government and others in our industry will support the continued strengthening of cybersecurity across the IoT landscape and will ensure Semtech’s products are prepared for the cybersecurity requirements of the future.

Semtech and the Semtech logo are registered trademarks or service marks of Semtech Corporation or its subsidiaries.

Topics: News, Company, Internet of Things

订阅博客

近期文章

文章作者

See all