Acuity forms rapid response team for IoT security breaches (UPDATED)

Nov. 12, 2018
The LED lighting specialist will dispatch the squad when an intrusion is even suspected.

The LED lighting specialist will dispatch the squad when an intrusion is even suspected.

In a move aimed at strengthening the security of its Internet of Things (IoT) lighting systems, LED specialist Acuity Brands has formed an incident response team intended to move quickly once a breach is even suspected.

It may not have quite the ring of “SWAT,” but Acuity’s PSIRT — Product Security Incident Response Team — bolsters IoT security measures that Acuity already has in place to protect systems, data, and privacy in a world in which lighting vendors are trying to outfit their luminaires with chips and sensors that gather data and send it to the cloud for storage and analysis.

“All Acuity Brands products containing a software component in their use, maintenance, or management will be serviced by PSIRT,” the company stated. “Additionally, the team will manage the receipt, investigation, and notification procedure with an extended group of collaborators which may include customers, consultants, security researchers, academic institutions, and other vendors.”

The Atlanta-based company outlined an orderly seven steps that the PSIRT team will take in the event of concerns: awareness, triage, analysis, coordination, remediation, notification, and feedback.

“PSIRT will be focused on, but not limited to, the products sold under the following brands: Atrius, Dark To Light (DTL), DGLogik, Distech Controls, eldoLED, Fresco, Holophane, IOTA, Lucid, LC&D, nLight, nLight AIR, ROAM, Sensor Switch, Synergy, and XPoint Wireless,” Acuity said.

LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers. (Image credit: Acuity Brands.)

Atrius is the company’s overarching brand of IoT products, software, services, and partnership.

Acuity also said it has joined the Forum of Incident Response and Security Teams (FIRST), and that it tapped reference material from FIRST as well as from the ISO 30111 standard in deriving its own seven-step response plan. FIRST’s directors include representatives from industrial conglomerate Siemens, networking outfits Cisco and Juniper, electronics company Panasonic, chemicals giant BASF, and others.

IoT data and security will be the subject of a Thursday lunchtime debate at LuxLive 2018’s Property Technology Conference, taking place this Wednesday and Thursday, Nov. 14 and 15.

MARK HALPERis a contributing editor for LEDs Magazine, and an energy, technology, and business journalist ([email protected]).

*Updated Nov. 14, 2018 11:00 AM for figure update.

About the Author

Mark Halper | Contributing Editor, LEDs Magazine, and Business/Energy/Technology Journalist

Mark Halper is a freelance business, technology, and science journalist who covers everything from media moguls to subatomic particles. Halper has written from locations around the world for TIME Magazine, Fortune, Forbes, the New York Times, the Financial Times, the Guardian, CBS, Wired, and many others. A US citizen living in Britain, he cut his journalism teeth cutting and pasting copy for an English-language daily newspaper in Mexico City. Halper has a BA in history from Cornell University.