Acuity forms rapid response team for IoT security breaches (UPDATED)

The LED lighting specialist will dispatch the squad when an intrusion is even suspected.

LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers.
LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers.

The LED lighting specialist will dispatch the squad when an intrusion is even suspected.

In a move aimed at strengthening the security of its Internet of Things (IoT) lighting systems, LED specialist Acuity Brands has formed an incident response team intended to move quickly once a breach is even suspected.

It may not have quite the ring of “SWAT,” but Acuity’s PSIRT — Product Security Incident Response Team — bolsters IoT security measures that Acuity already has in place to protect systems, data, and privacy in a world in which lighting vendors are trying to outfit their luminaires with chips and sensors that gather data and send it to the cloud for storage and analysis.

“All Acuity Brands products containing a software component in their use, maintenance, or management will be serviced by PSIRT,” the company stated. “Additionally, the team will manage the receipt, investigation, and notification procedure with an extended group of collaborators which may include customers, consultants, security researchers, academic institutions, and other vendors.”

The Atlanta-based company outlined an orderly seven steps that the PSIRT team will take in the event of concerns: awareness, triage, analysis, coordination, remediation, notification, and feedback.

“PSIRT will be focused on, but not limited to, the products sold under the following brands: Atrius, Dark To Light (DTL), DGLogik, Distech Controls, eldoLED, Fresco, Holophane, IOTA, Lucid, LC&D, nLight, nLight AIR, ROAM, Sensor Switch, Synergy, and XPoint Wireless,” Acuity said.

LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers.LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers.

LED lighting specialist Acuity Brands has put a new product security response process in place to support smart lighting and IoT customers. (Image credit: Acuity Brands.)

Atrius is the company’s overarching brand of IoT products, software, services, and partnership.

Acuity also said it has joined the Forum of Incident Response and Security Teams (FIRST), and that it tapped reference material from FIRST as well as from the ISO 30111 standard in deriving its own seven-step response plan. FIRST’s directors include representatives from industrial conglomerate Siemens, networking outfits Cisco and Juniper, electronics company Panasonic, chemicals giant BASF, and others.

IoT data and security will be the subject of a Thursday lunchtime debate at LuxLive 2018’s Property Technology Conference, taking place this Wednesday and Thursday, Nov. 14 and 15.

MARK HALPERis a contributing editor for LEDs Magazine, and an energy, technology, and business journalist (markhalper@aol.com).

*Updated Nov. 14, 2018 11:00 AM for figure update.

More in Networks & Controls