New IoT laws are an “encouraging step” towards improved consumer security
New proposed legislation, launched by the UK’s Digital Minister Margot James, has been published to help improve the security of internet of things (IoT) devices. This includes the introduction of a new labelling system for products to help users understand how secure they are.
To achieve this new label, IoT devices will have to meet a number of basic security requirements; including clearly stating how long security updates would be available for, offering a public point of contact for security vulnerabilities, and coming with unique passwords by default.
Tim Rawlins, director and senior adviser at NCC Group, said: “We believe it’s important to make it as easy as possible for users to behave securely. The labelling of IoT devices will no doubt bring security up the list of priorities for consumers. As more and more connected devices fall under the banner of IoT, it’s important to help remove potential security risks – and while this is a small step towards this, it is still an encouraging one.
“The proposed legislation will put increased pressure on manufacturers to build baseline security features into their products. But there needs to be a continuing focus on driving improvements in security in IoT products across the design and manufacturing industry. Security needs to be a firm focus well before any of these IoT devices end up in users’ hands.
“We will undoubtedly see further recommendations and legislation that will help to cement security within the design process while maintaining a balance between managing risk and letting innovation thrive. These initial steps are in the right direction for all consumers.”
About NCC Group
NCC Group exists to make the world safer and more secure.
As global experts in cyber security and risk mitigation, NCC Group is trusted by over 15,000 clients worldwide to protect their most critical assets from the ever-changing threat landscape.
With the company’s knowledge, experience and global footprint, it is best placed to help businesses identify, assess, mitigate and respond to the evolving cyber risks they face.
To support its mission, NCC Group continually invests in research and innovation, and is passionate about developing the next generation of cyber scientists.
With over 1,800 colleagues in 12 countries, NCC Group has a significant market presence in North America, continental Europe and the UK, and a rapidly growing footprint in Asia Pacific with offices in Australia and Singapore.