Consumer IoT
device cybersecurity
Companies who chose us
Standard for Consumer IoT Devices.
IoT cybersecurity solutions
IoT devices often perform data collection, data exchange, data processing, and data reaction tasks. The IoT device market is rapidly growing, with a large number of devices being deployed in a wide range of sectors, including healthcare (IoMT), manufacturing (IIoT), energy (IoT), and transportation.
One of the key challenges in the IoT device market is cybersecurity. Because IoT devices are connected to a network, they are vulnerable to cyber attacks that can compromise the confidentiality, integrity, and availability of the device, and the information it processes.
This can have serious consequences, especially for devices that handle sensitive information or are critical to the operation of a system.To address these challenges, manufacturers and other stakeholders need to implement robust cybersecurity measures and follow relevant regulations and standards. This can help to reduce the risk of cyber-attacks and ensure the security of IoT devices.
Number of internet of Things (IoT) connected devices worldwide from 2019 to 2021, with forecast from 2022 to 2030 (in billions).
IoT Security Standards are regulatory standards for the security of IoT devices.
ETSI EN 303 645 - The Cybersecurity Standard for Consumer IoT Devices
ETSI EN 303 645 is a technical specification developed by the European Telecommunications Standards Institute (ETSI) that provides guidelines for the security of Internet of Things (IoT) devices.
ETSI EN 303 645 is the first globally applicable Cybersecurity Standard for Consumer IoT Devices. Consumer IoT Products are internet-connected devices that any person can have at home nowadays. This standard covers consumer IoT devices that are connected to network infrastructure and their interactions with associated services, like smart tv’s, CCTV cameras, speakers, connected home automation devices, IoT gateways, base stations, HUBs, wearable health trackers, baby monitors, IoMT devices, connected home appliances like smart refrigerators and washing machines, or connected alarm systems, door locks, smoke detectors, among many others. The ETSI 303 645 standard aim is to prepare these devices to be protected against the most common cybersecurity threats and to prevent large-scale attacks against connected devices.
It provides a basis for future IoT certification schemes. ETSI EN 303 645 contains a set of 13 cybersecurity categories and some provisions specifically focused on Data Protection.
In addition to providing guidelines for device security,
ETSI EN 303 645 also includes recommendations for the management of security risks, including the identification and assessment of risks, the implementation of controls to mitigate those risks, and the ongoing monitoring of risks.
The standard contains regulations to improve device security and minimize cyber threats. It helps manufacturers of consumer IoT devices to provide a range of features that protect their customers' personal data while complying with privacy laws and regulations (e.g. GDPR). It is the foundation of future IoT certification systems.
The definitive guide to crafting Compliant IoT Devices and high-quality developer documentation for ETSI EN 303 645 Certification
Facing challenges?
Are you finding it difficult to navigate the complexities of ETSI EN 303 645 for securing your IoT devices?
Wondering if your existing product documentation meets the stringent standards set out by this cybersecurity benchmark?
Do you feel that meeting ETSI's security requirements is an intricate and overwhelming task?
Whether you're gearing up for your first dive into the Internet of Things (IoT) security certification, or you're looking to refine your approach to compliance with ETSI EN 303 645 without unnecessary expenditure of time and resources,
This course is your key to unlocking simplicity in compliance.
Download our ETSI EN 303 635 infographics today and learn about the product certification process for this consumer IoT device cybersecurity standard.
ETSI EN 303 645 infographics for Consumer IoT devices
How to comply with the ETSI EN 303 645 standard?
Manufacturers must implement the requirements defined by the ETSI EN 303 645 standard in their products to get them certified. The ETSI EN 303 645 standard includes 33 cybersecurity requirements and 35 cybersecurity recommendations.
GET PREPARED FOR ETSI 303 645
CCLab will support your documentation needs by providing you the templates of the DUT (Device Under Test) Identification, the Implementation Conformance Statement (ICS), and the Implementation of eXtra Information for Testing (IXIT), with guidelines on how to fill them out.
GET YOUR PRODUCT EVALUATED
Get your product tested by CCLab. We evaluate your product and issue an evaluation report of your product at the end of the project. The issued Statement of Conformity can be a good basis for further certification.
What ETSI EN 303 645 compliance services does CCLab offer?
Training/Consultancy - We offer workshops to guide developers on their journey to ETSI EN 303 645 compliance. We provide insights and document templates for preparing the ICS, IXIT, and additional documentation needed for an evaluation.
Gap Analysis: - We assess the products to determine the differences between the current security implementation and the provisions defined in ETSI EN 303 645.
Product Evaluation: - We evaluate the product based on the applicable provisions of the ETSI EN 303 645 and will issue a conformance evaluation report as well as the identified security gaps.
Statement of Conformity - CCLab issues a Statement of Conformity when the evaluated product meets the requirements defined in ETSI EN 303 645.
.webp)
Webinar on Consumer IoT security solutions
Do you want to know more about Consumer IoT Cybersecurity?
CCLab at ETSI Security Conference 2024: Connect with Our Expert
We are excited to share that one of our leading cybersecurity experts will be attending the ETSI Security Conference 2024 in Sophia Antipolis, France, from 14-17 October 2024.
This conference is essential for anyone involved in cybersecurity standards and will cover critical topics like IoT security, 5G protection, and AI-driven cybersecurity solutions.
Join us at CETEX
Our Sales Manager Mr. Levente Cseh will also be at the conference.
The CETEX 2024 offers valuable opportunities to connect with key decision-makers, industry leaders, and potential clients in the consumer electronics testing and development sector.
You don’t have enough information about Consumer IoT Cybersecurity?
Do you need support to evaluate your consumer IoT device? Contact us!
Testimonials
Kenneth Lasoski
Versa Networks
Evaluation team was extremely reasonable and flexible with resolution to findings and was helpful in finding agreeable solutions for CB comments. Consultation team was always responsive and helped shape the documentation for easier evaluation, and provided useful recommendations on satisfying SFR/SARs.
Thierry Bonda
Landis+Gyr
CCLab was well prepared, flexible during the whole evaluation process, and supported us with continuous communication and guidance. Many lessons were learnt during the project and CCLab has always been looking for solutions, supporting our developers the best way they could. The new Swiss evaluation methodology was a good and professional basis to work with, but both parties had to learn how to deal with it.
Jake Nelson
Corsec Security Inc.
The relationship between Corsec and CCLab has been instrumental in helping product vendors successfully complete the Common Criteria certification process. As a Common Criteria consultant to the product vendor, Corsec relies on CCLab’s responsiveness and expertise to quickly and thoroughly complete the testing component of the process. CCLab has been essential in managing multiple projects, their professionalism has helped ensure product vendor satisfaction and ultimate project success.
Alexander Testov
AO Kaspersky Lab.
"I would definitely recommend CCLab to anyone in need of Common Criteria certification. Our cooperation was comfortable, well organized and efficient. I am totally satisfied with the result."
Dayton Marcucci
HID Global
The CCLab team gave us full support to adapt to the changes during product development. Whatever the challenges faced they could keep the due dates and we were able to complete the process quickly and efficiently. The real agile lab helped our success. We are going to work with them again. I highly recommend them to anyone wanting to get its product certified.
Jaime Chica
NXP Semiconductors
It was a well-managed project which achieved success in an effortless manner.
Kalev Pihl
SK ID Solutions
We needed a lab that works quickly but with high work morale and quality of work. CCLab is exactly like that! It was good cooperation experience to work with them. The project was rather complex and our expectations maybe even too high, but the team was committed to the common goals and could keep the milestones; therefore we were able to deliver what was needed. I highly recommend CCLab team to anyone for their great team spirit, quality orientations, agility and reasonable pricing.
Israr Ahmed
Ascertia Ltd.
On behalf of Ascertia, accept my appreciation for the excellent job done by CCLab team over the past several months in achieving the Common Criteria Certificate for ADSS Server SAM solution. It was an enormous undertaking but went smoothly and efficiently! Thanks to your leadership and dedication combined with your staff's teamwork and energy, we achieved our target. You and your employees should take great pride in this accomplishment. We look forward to extend our work with you for our next certification milestone and hope will continue to get such excellent service.
Zsolt Rózsahegyi
I4P Informatics Ltd.
Thanks to the agile processes we've been able to add new features to the product during the evaluation that made it even more valuable to customers. CCLAB efficiently supported us throughout the whole change management process. The predictability, accurate scheduling, and supportive mindset helped us to finish the project in time.