White labeling, rebranding, and partnerships with OEMs are in IoT business very common just like in any other domain too. But there are also unique aspects of IoT security or in general cyber security which are not available in other domains but extremely important. The importance here is caused by incidents in the past, current legislation (e.g. GDPR) actions which will affect the future use and raise awareness of technical partners who implement security engineering process in their process landscape and decline every product if there is no proper IoT security implementation in place.
While the first steps of the assessment of potential partners are often a pure sales or business developer-driven process, I’ve summarized 5 general questions also a non-technical colleague can take with him to get a first feeling about the potential partner, in terms of cybersecurity.
Disclaimer: This is not an ultimate guide for the shortest assessment or shall show you how to complain best about IoT security. It simply a collection of questions you should get answered as soon as possible to not to waste time on a product you or a company which will bring you and your company in big troubles.
Only a Few Right Questions Can …